Healthcare Information Security

Cybersecurity News

Cybercriminals Using Innovative GrandCrab for Ransomware Attacks

August 21, 2018 - Over the last few months, cybercriminals have begun using the innovative GrandCrab ransomware for their ransomware attacks, according to Fortinet’s Threat Landscape Report Q2 2018. GrandCrab is the first ransomware to accept Dash cryptocurrency and to be based on a ransomware-as-a-service model that shares profits between malware developers and cybercriminals. In addition,...


Articles

Americans Fret About Loss of Control Over Personal Information

by

Americans are concerned about loss of control over their personal information, according to a survey conducted by the US Census Bureau. Virtually the same number of households identified loss of control over personal data as a major...

Philips Delays Fix for Cardiograph Cybersecurity Vulnerabilities

by

Philips does not intended to fix cybersecurity vulnerabilities in its PageWriter Cardiograph devices, which could allow attackers to modify settings on the devices, until mid-year 2019, according to an August 16 advisory from...

Judge Gives Final OK to $115M Anthem Data Breach Settlement

by

US District Judge Lucy Koh has given final approval to a $115 million settlement that ends further claims against Anthem over its 2015 data breach that exposed personal information on 79 million people. Potentially exposed data included...

417K Patients Exposed In Latest Phishing Attack at AU Health

by

Close to half a million people may have had their PHI and other personal information exposed in a September 2017 phishing attack that impacted the Augusta University (AU) Health system. Another phishing attack on July 11, 2018, may have...

OIG Faults Maryland for Inadequate Medicaid Data Security

by

The HHS Office of Inspector General (OIG) has found that Maryland’s Medicaid data security program has failed to secure sensitive data and information systems. An OIG audit released August 14 concluded that numerous, significant...

258K People At Risk in Adams County of Wisconsin Data Breach

by

Personal information, including PHI, on 258,120 people was exposed in a data breach of the Adams County, Wisconsin, computer system. The Adams County government said in an August 10 release that the breach involved PII, PHI, and tax...

Healthcare Data Security Angst Drives Biometrics Market Growth

by

Concerns about healthcare data security and privacy are fueling rapid growth in the healthcare biometrics market, which is forecast by Verified Market Intelligence to grow at a 19.1 percent CAGR through 2025. The market is expected...

Cybersecurity Vulnerabilities Lurk in Philips IntelliSpace System

by

ICS-CERT is warning about cybersecurity vulnerabilities in Philips’ IntelliSpace Cardiovascular (ISCV) cardiac image and information management systems that could enable an attacker to escalate privileges on the ISCV server and...

McAfee Uncovers Cybersecurity Vulnerabilities in Patient Monitors

by

McAfee Labs has discovered cybersecurity vulnerabilities in a protocol used by patient monitors to communicate with central monitoring stations. If hackers could exploit the weakness in the RWHAT protocol used by connected medical devices...

Medtronic Criticized for Lax Medical Device Security Response

by

Researchers Billy Rios and Jonathan Butts criticized Medtronic’s response to medical device security issues in its products during a presentation at the BlackHat security conference held last week in Las Vegas. The researchers said...

3.15M Records Exposed by 142 Healthcare Data Breaches in Q2 2018

by

In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to the Protenus Breach Barometer. A discouraging 30 percent of privacy violations involved repeat offenders,...

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

Court Rejects Review of FTC Actions in LabMD Data Security Case

by

A federal appeals court rejected a request by LabMD founder Michael Daugherty for a review of a previous decision that shielded FTC lawyers from allegations that they engaged in unfair enforcement action regarding the now-defunct medical...

Healthcare IT Security Worst of Any Sector With External Threats

by

Healthcare IT security is the worst of any sector when it comes to external security posture, according to a recent report by security advisory firm Coalfire. The Coalfire Penetration Risk Report used customer penetration test data...

Man Convicted of DDoS Attack Against Boston Children’s Hospital

by

Martin Gottesfeld of Somerville, Massachusetts, was convicted by a federal jury of carrying out a DDoS attack against Boston Children’s Hospital and against Wayside Youth and Family Support Network, the Department of...

SamSam Ransomware Attacks Net Creator $6M So Far

by

SamSam ransomware attacks, which have targeted healthcare organizations, has netted its creator $6 million so far, according to a recent report by security firm Sophos. Three-quarters of the victims are based in the United States, and the...

FBI Warns About Attackers Targeting Internet of Things Devices

by

Healthcare organizations are increasingly deploying Internet of Things (IoT) devices to improve employee productivity and patient care. However, those same devices are being targeted by cybercriminals, warned the FBI in an August 2 public...

Accidents Were Most Frequent Cause of Healthcare Data Breaches

by

In the second quarter of 2018, the most frequent cause of healthcare data breaches was accidental disclosures, according to incidents reported to the Beazley Breach Response Services team.  Accidental disclosures made up 38 percent...

Phishing Attack Exposes PHI of 1.4M UnityPoint Health Patients

by

Iowa-based UnityPoint Health said July 30 that it notified approximately 1.4 million patients of a recent email phishing attack incident that may have compromised their PHI. Patient information that might have...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks