Cybersecurity

How HHS Cybersecurity Performance Goals Will Impact Healthcare

by Jill McKeon

HHS recently unveiled healthcare-specific cybersecurity performance goals (CPGs) with the intent of helping the sector prioritize the implementation of key security best practices. On their surface, the voluntary CPGs are straightforward,...

Insurance Broker Data Breach Impacts 1.5M Individuals

by Jill McKeon

Insurance brokerage company Keenan & Associates recently notified more than 1.5 million individuals of a data breach. Keenan provides insurance and risk management solutions for schools, colleges,...

FL Bill Seeks to Reduce Cyber Incident Liability For Entities That Meet Industry Standards

by Jill McKeon

Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473. Also known as the...

Researchers Observe Increase in Emerging Ransomware Groups Targeting Healthcare

by Jill McKeon

The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...

HHS Unveils Healthcare Cybersecurity Performance Goals

by Jill McKeon

HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...

Mississippi Health System Suffers Ransomware Attack, 253K Individuals Impacted

by Jill McKeon

Singing River Health System in Mississippi suffered a ransomware attack in August 2023 that resulted in a data breach. The breach impacted 252,890 individuals in total, according to a notice provided...

Threat Actors Abuse ScreenConnect Access to Target Healthcare

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...

AHA Warns Hospitals of IT Help Desk Social Engineering Scheme

by Jill McKeon

The American Hospital Association (AHA) warned hospitals of a validated IT help desk social engineering scheme and encouraged hospitals to remain vigilant and notify the Federal Bureau of Investigation...

Exploring the Role of Identity and Access Management in Healthcare

by Jill McKeon

Identity and access management (IAM) is a framework of processes, policies, and technologies that monitor digital identities, manage authentication controls, and grant employees and end users access to information that is relevant to their...

How the Executive Order on AI Will Impact Healthcare Cybersecurity

by Jill McKeon

Artificial intelligence (AI) continues to become ingrained into our society, and the regulations and guidance that govern it are evolving to match. In October 2023, President Biden issued an Executive Order on the Safe, Secure, and...

NY AG: Refuah Health Must Invest $1.2M In Security Following Ransomware Attack

by Jill McKeon

New York Attorney General Letitia James reached an agreement with Refuah Health Center over alleged failures to protect the private health information of patients, which led to a ransomware attack....

North Kansas City Hospital Impacted By PJ&A Data Breach

by Jill McKeon

Missouri-based North Kansas City Hospital (NKCH) and its transcription subsidiary, Meritas Health Corporation, recently notified more than 500,000 individuals of a third-party data breach stemming from...

Top Healthcare Cybersecurity Predictions For This Year

by Jill McKeon

As the new year begins, the healthcare sector will undoubtedly continue to grapple with a significant volume of cybersecurity threats and challenges. The year 2023 saw record-breaking data breach figures, with more than 540 organizations...

CISA’s Healthcare Risk and Vulnerability Assessment Reveals Sector-Wide Improvement Areas

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...

Harrisburg Medical Center Data Breach Impacts 147K Individuals

by Jill McKeon

Illinois-based Harrisburg Medical Center (HMC) filed a data breach notice with the Maine Attorney General’s Office regarding a December 2022 breach. The breach impacted 147,826 individuals in...

AHA Raises Concerns Over HHS Cybersecurity Strategy

by Jill McKeon

The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...

NY AG Reaches $400K Settlement With Healthplex Over Data Breach

by Jill McKeon

New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay...

HC3 Explores Open-Source Software Risks in Healthcare Sector

by Jill McKeon

Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...

HHS Unveils Healthcare Cybersecurity Strategy

by Jill McKeon

HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...

What the 23andMe Data Breach Reveals About Credential Stuffing

by Jill McKeon

Genetic testing company 23andMe notified 6.9 million individuals that their personal information was compromised in October 2023. However, 23andMe had no evidence that there was a data security incident within its systems. Instead, threat...