Healthcare Information Security

Cybersecurity News

DHS Finds Encryption Vulnerabilities in Medtronic Programmers

December 17, 2018 - The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team discovered encryption vulnerabilities in Medtronic’s 9790 and 2090 CareLink Programmers and 29901 Encore Programmers that could compromise patient data if exploited. According to officials, the programmers fail to encrypt the protected health information or personally identifiable...


Articles

AI, IoT, Medical Devices Top Health Cybersecurity Predictions for 2019

by

Cybersecurity continued to be a struggle for many in the healthcare sector this year, with several massive breaches, successful targeted phishing campaigns, and security events caused by human error. While providers struggled with the...

Reduce Employee Email Risk by Taking Decisions Away from Users

by

Employees and human error often top the list as the healthcare sector’s biggest threat. Considering they are the catalyst for clicking malicious links, engaging with targeted phishing campaigns and mistakenly sending emails to the...

Biggest Challenges, Lessons Learned from Health Cybersecurity in 2018

by

The cybersecurity issues faced by the healthcare sector in 2018 aren’t much different from those in recent years. However, hackers are increasing in sophistication and steadily improving success rates. The year started off with a...

How to Build a Balanced Healthcare Cybersecurity Budget

by

The majority of healthcare security stakeholders agree that cybersecurity budgets are underfunded. And frankly, health organizations aren’t keeping pace with hackers who are continuously improving in sophistication. Data security...

Ransomware Attack Impacts EHR of Rhode Island Provider

by

Rhode Island-based Thundermist Health Center was hit by a ransomware attack early Thursday, impacting some patient care. According to its website, officials acted quickly to contain the attack and were able to protect patient data and...

Pharmaceutical Companies Most Targeted Industry by Cybercriminals

by

Phishing attacks and fraudulent business email compromise against the pharmaceutical sector have jumped 149 percent in the past year, making the biopharma sector the most targeted industry by hackers. According to Proofpoint researchers,...

DOJ Indicts SamSam Hackers Behind Targeted Ransomware Attacks

by

The Department of Justice indicted two Iranian hackers behind the targeted and highly successful SamSam ransomware campaign that has plagued the healthcare sector for several years. The federal prosecutors charged Mohammad Mehdi Shah...

Pennsylvania Judge Rules UPMC Must Protect Employee Data

by

The Pennsylvania Supreme Court ruled last week that the University of Pittsburgh Medical Center is responsible for protecting personal employee data from hackers: The latest in a lengthy class-action lawsuit filed by UPMC employees against...

Weekend Ransomware Attack Interrupts Care at 2 Ohio Hospitals

by

Patients needing emergency care were diverted away from East Ohio Regional Hospital and Ohio Valley Medical Center over the weekend due to a ransomware attack. Officials confirmed the attack began on Friday night and continued into...

NIST Seeks Comment on Remote Monitoring, Telehealth Cybersecurity

by

The National Cybersecurity Center of Excellence at NIST is seeking industry feedback on a draft paper that outlines how to best secure remote monitoring devices and systems for telehealth providers. As many healthcare delivery...

New Stealthy Russian Hacking Tool Targets Government Agencies

by

A new Russian hacking tool is targeting government systems in the United States and Europe through spear-phishing attacks, using stealthy, sophisticated mechanisms to go undetected. Discovered by Palo Alto Networks, the...

Building a Secure Vendor Relationship with Inventory, Management

by

The healthcare sector has been a primary target of hackers for more than a year, and the attacks continue to increase in sophistication. While many providers have adjusted their security posture in attempt to shore up some of these...

Hospital Leaders Feel Underprepared for Cybersecurity Threats

by

About 75 percent of providers and 62 percent of administrators feel underprepared to face cybersecurity risks, due to staffing, training, and awareness, according to a new report from medical device manufacturer Abbott and the Chertoff...

Homeland Security Gains Cybersecurity Agency with New Legislation

by

The House of Representatives unanimously passed legislation on Monday, establishing the Cybersecurity and Infrastructure Security Agency with the Department of Homeland Security. The Senate passed the bill in October, and it now heads to...

VUMC Fights Healthcare Phishing with Multi-Factor Authentication

by

The healthcare sector has remained a primary target for phishing attacks in recent years, with highly targeted viruses like SamSam and Ryuk wreaking havoc on the industry. In fact, one in every hundred emails sent globally has malicious...

SSNs, Tax Data Exposed in Healthcare.gov Health Data Breach

by

Partial Social Security numbers (SSNs), immigration status, and tax information might have been stolen as a result of the health data breach on the Healthcare.gov portal last month. In October, CMS admitted to a breach of...

HITRUST’s New Threat Catalogue Key Component of Risk Analysis

by

The Health Information Trust Alliance (HITRUST) has released its threat catalogue that provides healthcare organizations and other firms with visibility into cyber risks to their information, assets, and operations. The HITRUST threat...

Cybersecurity Vulnerabilities Flagged in Roche Handheld Devices

by

ICS-CERT is warning about cybersecurity vulnerabilities in Roche point-of-care handheld medical devices. The devices, which go by the names Accu-Chek and CoaguChek, suffer from improper authentication, OS command injection, unrestricted...

NJ Fines Vendor Behind Virtua Healthcare Data Breach $200K

by

New Jersey is slapping a $200,000 fine on a defunct Georgia-based medical transcription company that caused the Virtua Medical Group breach impacting more than 1,650 individuals in 2016. The $200,000 fine includes $191,492.00 in civil...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...