New data from asset visibility and security company Armis found that 1 in 5 connected medical devices run on unsupported operating systems (OS). To inform its research, Armis analyzed data collected by...
San Francisco-based John Muir Health (JMH) notified 821 patients of a security incident that occurred when an Excel file containing patient information was accidentally exposed to the internet. JMH...
At a recent House Oversight Committee hearing, Mila Kofman, executive director of the DC Health Benefit Exchange Authority (DCHBX) delivered a testimony providing new information about the data breach...
Mandiant observed threat actors favoring the financial, professional services, high tech and healthcare industries in 2022, according to its newly released M-Trends 2023 report. The report aimed to...
Massachusetts-based Point32Health, the parent of Harvard Pilgrim Health Care and Tufts Health Plan, posted a notice on its website regarding a “cybersecurity ransomware incident” that it...
The average cost of a healthcare ransomware attack was $4.82 million in 2021, according to IBM Security’s “Cost of a Data Breach Report.” In a new report by ThreatConnect, the cyber...
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled the upgraded Zero Trust Maturity Model Version 2 in line with President Biden's National Cybersecurity Strategy.
The new model...
A survey of more than 400 healthcare workers revealed perceived gaps in healthcare security programs, Salesforce discovered. As new technologies such as generative AI gain popularity, security experts...
The HHS 405(d) Program and the Health Sector Coordinating Council Cybersecurity Working Group (HSCC CWG) led efforts to release three new and updated resources to help healthcare organizations manage...
Alcohol recovery startup Monument disclosed a healthcare data breach to HHS that impacted 108,584 individuals. According to a report from The Verge, Monument, which acquired fellow online alcohol...
Industry professionals across different sectors, including healthcare, view digital transformation and information security as crucial priorities, presenting both challenges and opportunities to meet...
The Iowa Department of Health and Human Services announced that approximately 20,000 Medicaid members may have had their personal information compromised as a result of a third-party data breach.
Iowa...
The HHS Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) with the goal of strengthening HIPAA Privacy Rule protections for those seeking and delivering reproductive...
Insight Global, the contact tracing program administrator hired by the state of Pennsylvania, has reached a proposed settlement to resolve a class-action healthcare data breach lawsuit. The breach,...
The COVID-19 public health emergency (PHE) is set to end on May 11, marking the expiration of many pandemic-era support programs and lighter compliance obligations. As such, the HHS Office for Civil...
EHRs are poised to remain a crucial part of the healthcare industry, but the exploitation of patient data casts a shadow over its benefits. A recent HHS threat brief emphasized the need for healthcare...
HHS warned the healthcare sector of ongoing DNS NXDOMAIN flood distributed denial-of-service (DDoS) attacks that could pose significant threats to security and system availability. HHS'...
Microsoft’s Digital Crimes Unit (DCU), along with cybersecurity software company Fortra and the Health Information Sharing and Analysis Center (Health-ISAC), are working together to disrupt...
In just a few months since its emergence in 2022, pro-Russia hacktivist group KillNet has quickly evolved into a significant threat to the healthcare sector by executing distributed denial-of-service...
Tallahassee Memorial HealthCare (TMH) provided a healthcare data breach notice to HHS following a February breach. The incident impacted 20,376 individuals in total.
As previously reported, TMH began...
