Lorenz ransomware poses a threat to the healthcare sector, particularly larger organizations, the Health Sector Cybersecurity Coordination Center (HC3) warned in its latest analyst note. The...
In the 2022 edition of its annual report on HHS’s top management and performance challenges, the Office of Inspector General (OIG) called on HHS to improve data governance, secure HHS systems,...
Forefront Dermatology, which operates dermatology offices across the US, reached a $3.75 settlement to resolve a class action lawsuit stemming from a May 2021 healthcare data breach.
The breach was...
NewYork-Presbyterian (NYP) Hospital notified approximately 12,000 patients of a breach that occurred in September 2022. The hospital received an alert of suspicious server activity on September 8, its...
HHS, the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory about Hive ransomware actors. The ransomware actors...
Although security professionals may take holidays and weekends off, threat actors do not. New research from Cybereason found that holiday and weekend ransomware attacks resulted in greater revenue...
The US Food and Drug Administration (FDA) and MITRE released an updated version of their “Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook.” The playbook...
Dual Russian and Canadian national Mikhail Vasiliev was charged for his alleged involvement in the global LockBit ransomware campaign, the Department of Justice (DOJ) announced. LockBit has been known...
New cybersecurity vulnerabilities are a constant challenge for organizations of all sizes, Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure...
In a new analyst note, the Health Sector Cybersecurity Coordination Center (HC3) warned the healthcare sector to remain vigilant against Venus ransomware. The variant, also known as GOODGAME, has been...
Chicago-based Lurie Children’s Hospital settled a data breach lawsuit outside of court relating to a security incident that began in 2018. The hospital agreed to implement additional security...
Healthcare risk management solutions company Censinet, along with the American Hospital Association (AHA) and KLAS Research, announced plans to conduct “The Healthcare Cybersecurity Benchmarking...
Aveanna Healthcare reached a proprosed settlement to resolve a healthcare data breach lawsuit stemming from a 2019 string of phishing attacks that impacted hundreds of thousands of Massachusetts...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a detailed brief exploring the Iranian threat landscape and its implications for the US healthcare sector.
Iranian threat actors...
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), released a joint...
Senate Select Committee on Intelligence Chairman Mark R. Warner (D-VA) released a policy options paper entitled “Cybersecurity is Patient Safety,” to address key healthcare...
President Biden issued a proclamation declaring November as Critical Infrastructure Security and Resilience Month. The President highlighted ways in which the Administration has taken action to protect...
Pennsylvania-based Keystone Health is facing a class action lawsuit over a 2022 data breach that impacted more than 235,000 individuals.
As previously reported, Keystone Health discovered a security...
UPDATE 11/1/2022 - OpenSSL provided vulnerability guidance for CVE-2022-3786 and CVE-2022-3602. CVE-2022-3602 is no longer labeled as "critical" and was downgraded to "high" after further...
Medical device security continues to be a top concern in the healthcare sector. The prevalence of legacy devices, the increasing interconnectedness of the sector, and the need for industry-wide...