Cybersecurity News

Change Healthcare cyberattack fallout continues

March 18, 2024 - UPDATE 3/18/2024 - This article has been updated to reflect new information about the Change Healthcare cyberattack. CMS recently issued guidance for states to make interim Medicaid payments to providers hit by the Change Healthcare cyberattack. The federal agency announced the flexibilities on March 15th, which will allow states to start...


Articles

63% of known exploited vulnerabilities found on healthcare networks

by

Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty. The study found that 63 percent of...

Lurie Children’s Restores Key Systems Following Cyberattack

by

Lurie Children's Hospital in Chicago has restored its Epic EHR platform and other key systems following a cyberattack that began on January 31st, the hospital stated. MyChart remains unavailable as...

HHS Releases Statement on Change Healthcare Cyberattack

by

HHS released a statement regarding the Change Healthcare cyberattack and shed light on immediate steps that CMS is taking to assist providers during this time. The announcement follows multiple...

Optum Offers Temporary Funding Assistance For Change Healthcare Customers

by

UPDATE 3/5/2024 - This article has been updated to include excerpts from a letter that the AHA sent to UnitedHealth Group.  Optum has launched a temporary funding assistance program to help...

NIST Releases CSF 2.0, Caters to Audience Beyond Critical Infrastructure

by

The National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework (CSF), which is broadly used to reduce cyber risk across critical infrastructure....

MGMA Urges HHS to Financially Assist Medical Groups Amid Change Cyberattack

by

The Medical Group Management Association (MGMA) urged HHS to use “all the tools at its disposal” to mitigate the impacts of the Change Healthcare cyberattack on medical groups in a letter...

HSCC Issues Five-Year Health Industry Cybersecurity Strategic Plan

by

The Healthcare and Public Health (HPH) Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) announced the publication of its “Health Industry Cybersecurity Strategic Plan”...

Cybersecurity Preparedness Tied to Lower Insurance Premium Increases

by

Surveyed healthcare organizations that used the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as their primary framework saw lower cyber insurance premium...

Authorities Successfully Disrupt LockBit Ransomware Group

by

The US Department of Justice (DOJ) and UK authorities announced the disruption of the LockBit ransomware group at a press conference held in London on February 20. LockBit was a notorious ransomware...

GAO Urges HHS to Increase Oversight of Ransomware Practices

by

The US Government Accountability Office (GAO) issued recommendations to HHS surrounding its oversight of ransomware practices across the sector in a recent report. The report assessed four federal...

New Legislation Aims to Strengthen Healthcare Cybersecurity Within HHS

by

US Senators Angus King (I-ME) and Marco Rubio (R-FL) introduced the Strengthening Cybersecurity in Health Care Act, aimed at bolstering cybersecurity efforts within HHS. Specifically, the act would...

Chicago Children’s Hospital Confirms Cyber Threat Activity

by

UPDATE 2/13/24 - This article has been updated to reflect new information about the cyberattack on Lurie Children's Hospital.  Lurie Children's Hospital has entered its third week of...

Akira Ransomware Aggressively Targets Healthcare, HC3 Warns

by

The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about Akira ransomware, a group that has been active since at least May 2023. In its short tenure, Akira has conducted...

KLAS Highlights Top Security, Privacy Solutions This Year

by

KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...

Ransomware Makes ECRI’s Top Health Tech Hazards List

by

ECRI named ransomware as one of the top ten health tech hazards of 2024 in its annual report, following a record year for healthcare data breaches. Ransomware and other cyber risk areas have made...

FL Bill Seeks to Reduce Cyber Incident Liability For Entities That Meet Industry Standards

by

Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473. Also known as the...

Researchers Observe Increase in Emerging Ransomware Groups Targeting Healthcare

by

The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...

HHS Unveils Healthcare Cybersecurity Performance Goals

by

HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...

Threat Actors Abuse ScreenConnect Access to Target Healthcare

by

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...