The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
Genetic testing company 23andMe notified 6.9 million individuals that their personal information was compromised in October 2023. However, 23andMe had no evidence that there was a data security incident within its systems. Instead, threat...
Genetic testing company 23andMe issued an amended Form 8-K Securities and Exchange Commission (SEC) filing to provide supplemental information about a data breach that occurred in October 2023.
On...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
Grocery chain Kroger is facing two class action lawsuits tied to its use of tracking technologies. Both lawsuits alleged that Kroger pharmacy patients were not informed that their health data was being...
Healthcare software-as-a-service company Welltok recently notified 8.5 million individuals of a data breach stemming from the May 2023 MOVEit hack. The incident signifies one of the largest breaches...
Ardent Health Services, which owns 30 hospitals and 200 sites of care across six states, confirmed a healthcare cyberattack that occurred on the morning of November 23. Hospitals in multiple states...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...
The Cybersecurity and Infrastructure Security Agency (CISA) issued a cybersecurity vulnerability mitigation guide for the healthcare sector, stressing the importance of remediating known...
HC3 issued an analyst note regarding BlackSuit ransomware, a relatively new group that appears to be similar to the Royal ransomware family and its notorious predecessor, Conti ransomware. HC3 warned...
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint...
UPDATE,11/16/2023: The HHS data breach portal now shows that the Perry Johnson & Associates data breach impacted nearly 9 million individuals, making it one of the largest reported healthcare...
New York Governor Kathy Hochul proposed a set of sweeping cybersecurity regulations that would apply to hospitals across the state, along with $500 million in funding to help healthcare facilities...
New York Attorney General Letitia James announced a $450,000 settlement with US Radiology Specialists over alleged health data security failures that resulted in a ransomware attack. The Attorney...
Henry Schein, a major distributor of healthcare products across 32 countries, suffered a cyberattack in mid-October that disrupted some of its manufacturing and distribution operations.
A few weeks...
Despite increased attention from lawmakers and a renewed focus on healthcare cybersecurity awareness, the healthcare sector remains a top target favored by threat actors around the world. In fact, more than 88 million individuals have been...