Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.
A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Federal regulators have released guidance that spells out voluntary cybersecurity performance goals for the healthcare sector. The document is a first step in fleshing out the Biden administration's strategy to push hospitals and other healthcare entities to adopt a stronger cybersecurity posture.
As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own. Offensive security is proactive; it mimics the strategies of real attackers to stay ahead of potential threats.
Two tech advocacy groups are pushing the Federal Trade Commission to investigate Google, alleging the company has reneged on a promise it made after the Supreme Court's 2022 overturn of Roe v. Wade to promptly delete location data about users' visits to sensitive places, such as abortion clinics.
In the latest weekly update, ISMG editors discussed why crypto-seeking drainer scam-as-a-service operations are thriving, a novel legal move that recovered a hospital's stolen data, and a ground-breaking case involving bitcoin that could streamline recovery for victims.
The ubiquity and anonymity of cryptocurrencies are fueling economic, legal and ethical challenges that put healthcare entities in the crosshairs of cybercriminals, said David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit.
A North Carolina healthcare system has agreed to pay $6.6 million to settle a consolidated class action lawsuit involving its use of tracking tools in its websites and patient portals. The suit alleges the website trackers sent sensitive patient information to third parties without their consent.
A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal maneuver to force the storage firm to return data the cybercriminals had stashed on the vendor's servers.
A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems offline. The cybercriminal gang Rhysida had claimed responsibility for the assault.
A fertility testing laboratory has agreed to improve its data security practices and pay up to $1.25 million to settle a consolidated class action lawsuit filed in the wake of a 2021 ransomware attack that compromised sensitive health information of about 350,000 patients.
Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.
Cybercriminals are extorting some patients and threatening them with swatting in the wake of a recent cyberattack on a Seattle cancer center. The incident, stemming from a Citrix Bleed exploit, has triggered multiple lawsuits and affected the personal data of at least 1 million people.
Fallout is mounting, and new developments are emerging in several high-profile health data hacks. Data breaches reported in recent weeks and months at a medical transcription vendor, a hospital chain and a law firm are affecting a growing list of clients and individuals - and triggering lawsuits.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.