Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
New York Attorney General Letitia James issued a consumer alert to warn New Yorkers about the potential impacts of a data breach that occurred at Perry Johnson & Associates (PJ&A), a medical...
Grocery chain Kroger is facing two class action lawsuits tied to its use of tracking technologies. Both lawsuits alleged that Kroger pharmacy patients were not informed that their health data was being...
Healthcare software-as-a-service company Welltok recently notified 8.5 million individuals of a data breach stemming from the May 2023 MOVEit hack. The incident signifies one of the largest breaches...
Ardent Health Services, which owns 30 hospitals and 200 sites of care across six states, confirmed a healthcare cyberattack that occurred on the morning of November 23. Hospitals in multiple states...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...
The Cybersecurity and Infrastructure Security Agency (CISA) issued a cybersecurity vulnerability mitigation guide for the healthcare sector, stressing the importance of remediating known...
The HHS Office for Civil Rights (OCR) completed a HIPAA investigation into New York-based Saint Joseph’s Medical Center following claims that the organization had impermissibly disclosed COVID-19...
HC3 issued an analyst note regarding BlackSuit ransomware, a relatively new group that appears to be similar to the Royal ransomware family and its notorious predecessor, Conti ransomware. HC3 warned...
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint...
UPDATE,11/16/2023: The HHS data breach portal now shows that the Perry Johnson & Associates data breach impacted nearly 9 million individuals, making it one of the largest reported healthcare...
New York Governor Kathy Hochul proposed a set of sweeping cybersecurity regulations that would apply to hospitals across the state, along with $500 million in funding to help healthcare facilities...
New York Attorney General Letitia James announced a $450,000 settlement with US Radiology Specialists over alleged health data security failures that resulted in a ransomware attack. The Attorney...
Henry Schein, a major distributor of healthcare products across 32 countries, suffered a cyberattack in mid-October that disrupted some of its manufacturing and distribution operations.
A few weeks...
US Senators Mark Warner (D-VA), Bill Cassidy (R-LA), John Cornyn (R-TX), and Maggie Hassan (D-NH) launched a bipartisan Senate healthcare cybersecurity working group. The group will focus on proposing...
The American Hospital Association (AHA) has sued the federal government over the HHS Office for Civil Rights’ (OCR) stance on tracking technology use in healthcare. Joined by the Texas Hospital...
HITRUST issued a response to the White House’s request for information (RFI) on the harmonization of cybersecurity regulations, suggesting that regulation alone is not a fix to the ongoing cyber...
The International Counter Ransomware Initiative (CRI) held its third summit in Washington, DC, with representatives from 50 countries joining together to build upon counter-ransomware projects and...
The HHS Office for Civil Rights (OCR) announced a $100,000 settlement to resolve a data breach investigation with Doctors’ Management Services, a Massachusetts-based medical management company...
