Cybersecurity

HHS Cybersecurity Task Force Releases New Resources to Address Rise in Healthcare Cyberattacks

by Jill McKeon

The HHS 405(d) Program and the Health Sector Coordinating Council Cybersecurity Working Group (HSCC CWG) led efforts to release three new and updated resources to help healthcare organizations manage...

Alcohol Recovery Startup Suffers Healthcare Data Breach, 108K Impacted

by Jill McKeon

Alcohol recovery startup Monument disclosed a healthcare data breach to HHS that impacted 108,584 individuals. According to a report from The Verge, Monument, which acquired fellow online alcohol...

Records and Information Management Professionals Pinpoint Digitization, Cybersecurity as Key Challenges

by Sarai Rodriguez

Industry professionals across different sectors, including healthcare, view digital transformation and information security as crucial priorities, presenting both challenges and opportunities to meet...

Iowa Medicaid Suffers Third-Party Data Breach, 20K Impacted

by Jill McKeon

The Iowa Department of Health and Human Services announced that approximately 20,000 Medicaid members may have had their personal information compromised as a result of a third-party data breach. Iowa...

How the HSCC is Bridging the Gap Between Cyber Haves and Have-Nots

by Jill McKeon

Cybersecurity remains a key challenge for the healthcare sector, an industry inundated with ransomware, phishing attacks, third-party risk management struggles, and security staffing shortages. These obstacles are consistent across the...

HHS Emphasizes EHR Cybersecurity Risks to Healthcare Sector

by Sarai Rodriguez

EHRs are poised to remain a crucial part of the healthcare industry, but the exploitation of patient data casts a shadow over its benefits. A recent HHS threat brief emphasized the need for healthcare...

DNS NXDOMAIN Flood DDoS Attacks Impacting Healthcare, HC3 Warns

by Jill McKeon

HHS warned the healthcare sector of ongoing DNS NXDOMAIN flood distributed denial-of-service (DDoS) attacks that could pose significant threats to security and system availability. HHS'...

Microsoft, Fortra, Health-ISAC Crack Down On Cobalt Strike Abuse

by Jill McKeon

Microsoft’s Digital Crimes Unit (DCU), along with cybersecurity software company Fortra and the Health Information Sharing and Analysis Center (Health-ISAC), are working together to disrupt...

HC3 Raises Concern Over KillNet DDoS Attacks Targeting Healthcare Sector

by Sarai Rodriguez

In just a few months since its emergence in 2022, pro-Russia hacktivist group KillNet has quickly evolved into a significant threat to the healthcare sector by executing distributed denial-of-service...

Tallahassee Memorial Provides Healthcare Data Breach Notice

by Jill McKeon

Tallahassee Memorial HealthCare (TMH) provided a healthcare data breach notice to HHS following a February breach. The incident impacted 20,376 individuals in total. As previously reported, TMH began...

HSCC Releases Free Video Series Providing Healthcare Cybersecurity Awareness, Training to Clinicians

by Jill McKeon

The Health Sector Coordinating Council (HSCC) Cybersecurity Working Group has released a free eight-part video series entitled “Cybersecurity for the Clinician.” The video series provides...

Health-ISAC Annual Threat Report Sheds Light on Healthcare Cyber Threat Landscape

by Jill McKeon

Health-ISAC released its annual threat report, providing insight into how healthcare cybersecurity experts view the current cyber threat landscape. More than 280 executives across Health-ISAC, CHIME,...

FDA to Refuse Medical Device Submissions For Cybersecurity Reasons Beginning in October

by Jill McKeon

Effective immediately, the US Food and Drug Administration (FDA) will require medical device manufacturers to provide cybersecurity information in their premarket device submissions. Additionally,...

Fortra GoAnywhere MFT Vulnerability Impacts Blue Shield of CA

by Jill McKeon

Blue Shield of California notified 63,341 individuals of a healthcare data breach that stemmed from the Fortra GoAnywhere vulnerability. One of Blue Shield’s providers, Brightline Medical...

Inadequate Healthcare Cybersecurity Maturity Jeopardizes Patient Privacy

by Sarai Rodriguez

The healthcare sector ranks lowest in several cybersecurity maturity domains, according to CYE's first Cybersecurity Maturity Report, which suggests that even organizations that handle highly...

CISA Looks Back On One Year of CIRCIA, Encourages Cyber Threat Sharing

by Jill McKeon

President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law one year ago, requiring the Cybersecurity and Infrastructure Security Agency (CISA) to...

HHS, FBI Disrupt BreachForums Cybercriminal Marketplace

by Jill McKeon

Thanks to a joint effort by the HHS Office of Inspector General (OIG) and the Federal Bureau of Investigation (FBI), a cybercriminal marketplace known as BreachForums was forced offline, the Department...

HC3 Checklist Helps Healthcare Sector Ensure Mobile Device Security

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) released a mobile device security checklist, containing important considerations for using mobile devices in a healthcare...

Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity

by Sarai Rodriguez

The healthcare sector struggles to keep pace in a rapidly changing healthcare cybersecurity landscape, as some CISOs neglect to leverage dark web intelligence, resulting in a weaker cyber posture...

CISA Issues Revised Cybersecurity Performance Goals

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA) released an updated version of its Cybersecurity Performance Goals (CPGs), a set of voluntary practices that critical infrastructure...