Cybersecurity

Pen Testing Data Highlights Gaps in Healthcare Cybersecurity

by Jill McKeon

Penetration (“Pen”) testing is a key tool in maintaining healthcare cybersecurity and identifying potential security gaps and vulnerabilities before threat actors can. Security firm...

DOJ Charges 3 Iranian Nationals Over Critical Infrastructure Ransomware Attacks

by Jill McKeon

The US Department of Justice (DOJ) charged three Iranian nationals with allegedly executing multiple ransomware attacks and other extortion schemes against US critical infrastructure entities,...

FBI Warns of Patient Safety, Security Risks Associated With Legacy Medical Devices

by Jill McKeon

The Federal Bureau of Investigation (FBI) released a notice outlining the security and patient safety risks associated with unpatched and legacy medical devices. The FBI has observed a recent uptick...

Law Firm Confirms Data Security Incident, 255K Impacted

by Jill McKeon

Law firm Warner Norcross & Judd (WNJ) reported a data security incident to HHS that impacted 255,160 individuals. WNJ discovered unauthorized activity on some of its systems in October 2021 and...

HC3 Details Healthcare Cybersecurity Implications of AI, 5G, Emerging Tech

by Jill McKeon

As emerging technologies continue to revolutionize patient care, organizations must also consider the healthcare cybersecurity implications that come along with them. The Health Sector Cybersecurity...

Alabama Women’s Health Center Suffers Data Breach, 34K Impacted

by Jill McKeon

Birmingham, Alabama-based Henderson & Walton Women’s Center, P.C. (HWWC) disclosed a data breach that impacted more than 34,000 individuals. It is unclear when the breach began, but HWWC said...

CO Urology Practice Resolves Healthcare Data Breach Lawsuit With Settlement

by Jill McKeon

The Urology Center of Colorado (TUCC) reached a proposed settlement to resolve a class-action healthcare data breach lawsuit filed in the aftermath of a September 2021 breach that impacted 137,820...

How Healthcare Cyberattacks Can Impact Patient Safety, Care Delivery

by Jill McKeon

Along with documented financial losses and reputational harm, healthcare cyberattacks may endanger patient safety and adversely impact care delivery. With the goal of understanding how various...

Additional Orgs Report Aftermath of OneTouchPoint Data Breach

by Jill McKeon

Common Ground Healthcare Cooperative and Medical Mutual of Ohio each submitted reports regarding the OneTouchPoint (OTP) data breach to the HHS Office for Civil Rights (OCR) recently. OTP originally...

OIG Calls On HRSA to Improve Data Security of Organ Transplant Network

by Jill McKeon

UPDATED 9/7/2022 - This article has been updated to include a statement provided by the United Network for Organ Sharing (UNOS). The Health Resources and Services Administration (HRSA), under HHS, has...

5 Security Vulnerabilities Found in Contec Vital Signs Patient Monitors

by Jill McKeon

The Cybersecurity and Infrastructure Security Agency (CISA) released a medical device advisory outlining five vulnerabilities found in Contec Health’s CMS8000 CONTEC ICU CCU Vital Signs Patient...

Health-ISAC Provides Zero Trust Security Guidance to Healthcare CISOs

by Jill McKeon

When properly implemented, zero trust security strategies can help healthcare organizations bolster their security efforts. However, the sector faces unique challenges surrounding IoT devices and...

Evil Corp Cybercriminal Syndicate Poses Threat to Healthcare Cybersecurity

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued a threat profile about Evil Corp and warned that the prolific group could threaten healthcare cybersecurity. The Russian-based...

Small Healthcare Orgs Point to Cybersecurity As Barrier to Cloud Adoption

by Jill McKeon

Healthcare organizations are right to prioritize cybersecurity considering today’s threats, but increasing complexity in cybersecurity may be making it harder to advance cloud adoption and...

Proprietary Info, Source Code Stolen in LastPass Data Breach

by Jill McKeon

LastPass, a password manager with 25 million users around the world, disclosed a data breach to its customers. After detecting unusual activity in early August, LastPass discovered that an unauthorized...

KLAS Evaluates Healthcare Cybersecurity, Data Privacy Consulting Vendors

by Jill McKeon

More healthcare organizations are engaging with healthcare cybersecurity and data privacy consulting vendors to help mitigate risk and avoid the numerous repercussions of healthcare cyberattacks, data...

HC3 Warns Healthcare Sector of Karakurt Ransomware Group

by Jill McKeon

The HHS Health Sector Cybersecurity Coordination Center (HC3) alerted the healthcare sector to the rising prominence of Karakurt ransomware group. The group has claimed responsibility for at least four...

US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009

by Jill McKeon

From 2009 to June 2022, organizations reported nearly 5,000 healthcare data breaches to the HHS Office for Civil Rights (OCR) data breach portal, researchers at Comparitech found. The breaches impacted...

CA Department of Corrections Suffers Healthcare Data Breach

by Jill McKeon

The California Department of Corrections and Rehabilitation (CDCR) discovered a potential healthcare data breach following routine maintenance on its information systems, a notice on its website...