Massachusetts-based ReproSource Fertility Diagnostics reached a $1.25 million settlement to resolve claims of negligence tied to a 2021 data breach. ReproSource, which was acquired by Quest Diagnostics...
Novant Health agreed to pay $6.6 million to settle a class action lawsuit surrounding improper disclosures of protected health information (PHI) due to the health system’s use of third-party...
New York Attorney General Letitia James reached an agreement with Refuah Health Center over alleged failures to protect the private health information of patients, which led to a ransomware attack....
Capital Health has restored all systems and operations in the wake of a November 2023 cyberattack that caused a network outage, it assured patients in a recent update. However, LockBit ransomware has...
Missouri-based North Kansas City Hospital (NKCH) and its transcription subsidiary, Meritas Health Corporation, recently notified more than 500,000 individuals of a third-party data breach stemming from...
New York Attorney General Letitia James fined the NewYork-Presbyterian Hospital (NYP) $300,000 over its use of tracking tech that resulted in private information being shared with third-party tech...
Fallon Ambulance Service, a medical transportation company that served the greater Boston area, reported a data breach that impacted more than 911,000 individuals. Fallon was a subsidiary of...
The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...
ESO Solutions, a healthcare software company, notified 2.7 million individuals of a data breach caused by a September 2023 ransomware attack against its systems. ESO Solutions provides software to...
Lawmakers have urged HHS to consider revising HIPAA to further protect patient privacy after observing routine disclosures of patient information from major pharmacy chains to law enforcement agencies...
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...
The US Department of Justice (DOJ) has successfully disrupted the BlackCat ransomware group and offered a decryption tool to more than 500 victims around the world. Also known as ALPHV or Noberus,...
The HHS Office for Civil Rights (OCR) announced its 46th enforcement action under the HIPAA Right of Access Initiative. The enforcement action resolved an investigation into Optum Medical Care, a...
Delta Dental of California informed nearly 7 million individuals of a data breach stemming from the May 2023 hack of Progress Software’s MOVEit Transfer software.
As previously reported,...
Illinois-based Harrisburg Medical Center (HMC) filed a data breach notice with the Maine Attorney General’s Office regarding a December 2022 breach. The breach impacted 147,826 individuals in...
The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
Kentucky-based Norton Healthcare confirmed that a May 2023 ransomware attack on the health system impacted 2.5 million individuals, according to a report filed with the Maine Attorney General’s...
HHS reached its first-ever phishing attack settlement with Lafourche Medical Group, a Louisiana-based medical group that specializes in emergency medicine, lab testing, and occupational medicine....
