KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...
ECRI named ransomware as one of the top ten health tech hazards of 2024 in its annual report, following a record year for healthcare data breaches. Ransomware and other cyber risk areas have made...
Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473.
Also known as the...
The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...
HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...
The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...
The American Hospital Association (AHA) warned hospitals of a validated IT help desk social engineering scheme and encouraged hospitals to remain vigilant and notify the Federal Bureau of Investigation...
New York Attorney General Letitia James reached an agreement with Refuah Health Center over alleged failures to protect the private health information of patients, which led to a ransomware attack....
The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...
The US Department of Justice (DOJ) has successfully disrupted the BlackCat ransomware group and offered a decryption tool to more than 500 victims around the world. Also known as ALPHV or Noberus,...
The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
New York Attorney General Letitia James issued a consumer alert to warn New Yorkers about the potential impacts of a data breach that occurred at Perry Johnson & Associates (PJ&A), a medical...
Grocery chain Kroger is facing two class action lawsuits tied to its use of tracking technologies. Both lawsuits alleged that Kroger pharmacy patients were not informed that their health data was being...
Ardent Health Services, which owns 30 hospitals and 200 sites of care across six states, confirmed a healthcare cyberattack that occurred on the morning of November 23. Hospitals in multiple states...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...