The US Government Accountability Office (GAO) issued recommendations to HHS surrounding its oversight of ransomware practices across the sector in a recent report. The report assessed four federal...
US Senators Angus King (I-ME) and Marco Rubio (R-FL) introduced the Strengthening Cybersecurity in Health Care Act, aimed at bolstering cybersecurity efforts within HHS.
Specifically, the act would...
UPDATE 2/13/24 - This article has been updated to reflect new information about the cyberattack on Lurie Children's Hospital.
Lurie Children's Hospital has entered its third week of...
The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about Akira ransomware, a group that has been active since at least May 2023. In its short tenure, Akira has conducted...
KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...
ECRI named ransomware as one of the top ten health tech hazards of 2024 in its annual report, following a record year for healthcare data breaches. Ransomware and other cyber risk areas have made...
Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473.
Also known as the...
The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...
HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...
The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...
The American Hospital Association (AHA) warned hospitals of a validated IT help desk social engineering scheme and encouraged hospitals to remain vigilant and notify the Federal Bureau of Investigation...
New York Attorney General Letitia James reached an agreement with Refuah Health Center over alleged failures to protect the private health information of patients, which led to a ransomware attack....
The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...
The US Department of Justice (DOJ) has successfully disrupted the BlackCat ransomware group and offered a decryption tool to more than 500 victims around the world. Also known as ALPHV or Noberus,...
The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
