An ex-employee of Microsoft's Nuance Communications unit is at the center of a 2023 data breach that affected more than 1 million patients of Pennsylvania-based healthcare system Geisinger. The Department of Justice has criminally charged the former Nuance worker in the incident.
Change Healthcare says it has begun to notify customers whose data was compromised in the February ransomware attack that affected scores of healthcare providers, health insurance plans and other organizations. The company will begin to notify affected individuals in late July.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
A Minnesota-based radiology practice is notifying more than 500,000 individuals that their information was accessed and potentially acquired by hackers. The incident is one of several major health data breaches reported by radiologists in recent months as affecting hundreds of thousands of patients.
Medibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.
New SEC regulations mandate that publicly traded companies disclose material cybersecurity events and outline their cybersecurity strategies in 10-K filings. Paul Kurtz, field CTO of Splunk, discusses how these rules drive transparency and accountability in cybersecurity reporting.
Two U.S. senators are demanding UnitedHealth Group report a HIPAA breach and notify affected individuals no later than June 21, alleging the company is already violating HIPAA by dragging out the notification process in the aftermath of the Feb. 21 cyberattack on Change Healthcare.
A financially motivated hacker claims to have stolen over 34 gigabytes of data belonging to Singapore-based Telecom company Absolute Telecom. The hacker dubbed GhostR claims to have access to the company's data including corporate accounting, credit cards and customer information.
SecurityScorecard accused Safe Security and former employee Mary Polyakova in a civil complaint of stealing confidential customer information and engaging in unfair competition. The lawsuit seeks to protect SecurityScorecard's trade secrets and recover monetary damages.
Tens of thousands of hospitals and medical practices can breathe a little easier now. Federal regulators have given the green light for Change Healthcare to handle the breach notification to tens of millions of individuals affected in a February cyberattack. But the devil is in the details.
A Nebraska firm that provides medication benefits management and pharmacy services is notifying more than 2.8 million individuals of an October 2023 hacking incident involving the potential theft of their personal information, including Social Security numbers. Did the company pay a ransom?
An Illinois-based air-ground ambulance company is notifying more than 858,000 individuals that their sensitive information was compromised in a hacking incident that happened about a year ago. The breach is the latest hack on an ambulance company reported to regulators in recent weeks.
More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible for breach notifications related to a massive February ransomware attack.
A Texas-based firm that provides health plan administration services is notifying more than 2.4 million individuals of a hacking incident and data theft that happened more than a year ago. Why did it take WebTPA so long to report that a breach occurred?
Australian e-prescription firm MediSecure said it is dealing with a large-scale cyberattack that could affect the personal and health information of millions of patients. The company says it is working with the Australian government on a "whole-of-government response" to the ransomware attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.