US Senator Ron Wyden (D-OR) sent a letter to the Federal Trade Commission (FTC) and Securities and Exchange Commission (SEC) chairs urging them to hold a data broker accountable for alleged misleading...
UPDATE 2/13/24 - This article has been updated to reflect new information about the cyberattack on Lurie Children's Hospital.
Lurie Children's Hospital has entered its third week of...
The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about Akira ransomware, a group that has been active since at least May 2023. In its short tenure, Akira has conducted...
HHS, via the Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), announced its finalized changes to the Confidentiality of Substance Use...
KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...
US Fertility (USF) reached a $5.75 million settlement to resolve allegations of negligence following a 2020 ransomware attack and data breach that impacted nearly 900,000 individuals. USF provides IT...
UPDATE 2/7/2024 - This article has been updated to include a statement from a Montefiore Medical Center spokesperson.
The HHS Office for Civil Rights (OCR) announced a $4.75 million settlement with...
ECRI named ransomware as one of the top ten health tech hazards of 2024 in its annual report, following a record year for healthcare data breaches. Ransomware and other cyber risk areas have made...
Insurance brokerage company Keenan & Associates recently notified more than 1.5 million individuals of a data breach. Keenan provides insurance and risk management solutions for schools, colleges,...
Concentra Health Services filed a data breach report with HHS in January tied to a previously reported breach at Perry Johnson & Associates (PJ&A), a medical transcription company....
Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473.
Also known as the...
The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...
HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...
Singing River Health System in Mississippi suffered a ransomware attack in August 2023 that resulted in a data breach. The breach impacted 252,890 individuals in total, according to a notice provided...
The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...
In 2023, more than 540 organizations reported healthcare data breaches to HHS, impacting upwards of 112 million individuals.
As the new year begins, the aftermath of 2023 breaches continues to...
The American Hospital Association (AHA) warned hospitals of a validated IT help desk social engineering scheme and encouraged hospitals to remain vigilant and notify the Federal Bureau of Investigation...
Massachusetts-based ReproSource Fertility Diagnostics reached a $1.25 million settlement to resolve claims of negligence tied to a 2021 data breach. ReproSource, which was acquired by Quest Diagnostics...
Novant Health agreed to pay $6.6 million to settle a class action lawsuit surrounding improper disclosures of protected health information (PHI) due to the health system’s use of third-party...
New York Attorney General Letitia James reached an agreement with Refuah Health Center over alleged failures to protect the private health information of patients, which led to a ransomware attack....