April 30, 2024 - The Federal Trade Commission (FTC) finalized updates to its Health Breach Notification Rule (HBNR) with the goal of clarifying the rule’s applicability to health apps and other technologies that fall outside HIPAA’s purview. The FTC issued the HBNR more than a decade ago, when health apps were not as embedded into the US healthcare...

April 29, 2024 - In a recent press release, UnitedHealth Group (UHG) confirmed that data was compromised during the Change Healthcare cyberattack. While UHG has yet to complete its data review, its initial investigation suggests that the breach “could cover a substantial proportion of people in America.” In the same press release, UHG offered to make...

April 26, 2024 - Kaiser Foundation Health Plan filed a data breach report with the HHS Office for Civil Rights (OCR), confirming a 13.4-million record breach. The filing signifies the largest breach reported to OCR in 2024 so far. Kaiser told TechCrunch that the breach stemmed from its use of certain technologies installed on its websites and applications, which...

April 25, 2024 - Threat actors are increasingly targeting edge devices, exploiting zero-day vulnerabilities, and engaging in living off the land attacks to evade threat detection tools, Mandiant revealed in a recent report. In 2023, Mandiant tracked 97 unique zero-day vulnerabilities that were exploited in the wild, signifying a 50% increase from 2022. Exploits...