Healthcare software-as-a-service company Welltok recently notified 8.5 million individuals of a data breach stemming from the May 2023 MOVEit hack. The incident signifies one of the largest breaches...
Ardent Health Services, which owns 30 hospitals and 200 sites of care across six states, confirmed a healthcare cyberattack that occurred on the morning of November 23. Hospitals in multiple states...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...
The Cybersecurity and Infrastructure Security Agency (CISA) issued a cybersecurity vulnerability mitigation guide for the healthcare sector, stressing the importance of remediating known...
The HHS Office for Civil Rights (OCR) completed a HIPAA investigation into New York-based Saint Joseph’s Medical Center following claims that the organization had impermissibly disclosed COVID-19...
HC3 issued an analyst note regarding BlackSuit ransomware, a relatively new group that appears to be similar to the Royal ransomware family and its notorious predecessor, Conti ransomware. HC3 warned...
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint...
UPDATE,11/16/2023: The HHS data breach portal now shows that the Perry Johnson & Associates data breach impacted nearly 9 million individuals, making it one of the largest reported healthcare...
New York Governor Kathy Hochul proposed a set of sweeping cybersecurity regulations that would apply to hospitals across the state, along with $500 million in funding to help healthcare facilities...
New York Attorney General Letitia James announced a $450,000 settlement with US Radiology Specialists over alleged health data security failures that resulted in a ransomware attack. The Attorney...
Henry Schein, a major distributor of healthcare products across 32 countries, suffered a cyberattack in mid-October that disrupted some of its manufacturing and distribution operations.
A few weeks...
US Senators Mark Warner (D-VA), Bill Cassidy (R-LA), John Cornyn (R-TX), and Maggie Hassan (D-NH) launched a bipartisan Senate healthcare cybersecurity working group. The group will focus on proposing...
The American Hospital Association (AHA) has sued the federal government over the HHS Office for Civil Rights’ (OCR) stance on tracking technology use in healthcare. Joined by the Texas Hospital...
HITRUST issued a response to the White House’s request for information (RFI) on the harmonization of cybersecurity regulations, suggesting that regulation alone is not a fix to the ongoing cyber...
The International Counter Ransomware Initiative (CRI) held its third summit in Washington, DC, with representatives from 50 countries joining together to build upon counter-ransomware projects and...
The HHS Office for Civil Rights (OCR) announced a $100,000 settlement to resolve a data breach investigation with Doctors’ Management Services, a Massachusetts-based medical management company...
Minority groups are at risk following a potential data security event involving 23andMe may have resulted in health-related data and personally identifiable information (PII) of certain...
The HHS Office for Civil Rights (OCR) released an educational video to help covered entities understand how the HIPAA Security Rule can help them defend against cyberattacks. The video was produced in...
The Health Sector Cybersecurity Coordination Center (HC3) urged the sector to prioritize monitoring and upgrading SolarWinds systems following a series of cybersecurity vulnerability...
HHS and the Cybersecurity and Infrastructure Security Agency (CISA) teamed up to release a healthcare cybersecurity toolkit consisting of key resources for managing and mitigating cyber risk in the...