New York-based One Brooklyn Health is slowly recovering from a cybersecurity incident detected on Nov. 19 that disrupted a variety of IT systems at its three safety-net hospitals and other care facilities. The organization's CEO says there has been progress in investigation and remediation.
Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place to spot the signs of an unfolding attack and shut it down before crypto-locking malware gets unleashed, says Peter Mackenzie, director of incident response at Sophos.
Patients of at least seven hospitals affiliated with CommonSpirit have been affected by a data breach involving the Chicago-based hospital chain's October ransomware incident. None of the affected hospitals appear to have filed a breach report with the U.S. Department of Health and Human Services.
The prospect of attackers using voice impersonation, deepfake technologies and misinformation against healthcare sector entities is a serious threat that entities need to be closely monitoring, says Dave Summit, vice president of cybersecurity at Florida Cancer Specialists and Research Institute.
Medical providers are facing growing data security and privacy threats from their trusted partners - a wide array of business associates from medical records software firms to debt collection agencies. Learn why breaches are up 102% and what providers can do to defend against them.
With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health-ISAC.
Based on known ransomware attacks against the healthcare sector, here's good news: The volume of attacks seems to have declined, says Allan Liska, a principal intelligence analyst at Recorded Future. Unfortunately, most such attacks not only trigger downtime but include the theft of patient data.
The Department of Health and Human Services has issued a new proposed rule to better align the HIPAA privacy and breach notification rules with regulations involving the confidentiality of records pertaining to patients receiving treatment for substance use disorders.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
The shortage of cybersecurity professionals in the United States includes a scarcity of expertise in medical device security, says Bill Aerts, senior fellow and managing director of the University of Minnesota's recently launched Center for Medical Device Cybersecurity.
Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.
Over 5,000 major health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Experts explain why it's such a dangerous game.
Ten state attorneys general are urging Apple to address privacy and security gaps in third-party applications available on the App Store that track, collect or store reproductive health data. The letter comes as scrutiny intensifies over how large tech firms handle sensitive health data.
Authorities charged six people, including five former Tennessee hospital workers, with conspiracy in disclosing health data. Federal prosecutors say the six sold information about patients involved in motor vehicle accidents to third parties, including chiropractors and personal injury attorneys.
U.S. federal authorities are warning critical infrastructure sectors including healthcare to be on the lookout for indicators of Hive ransomware. Healthcare is a particular favorite of Hive affiliates because hospitals and other medical providers often pay ransoms.