Health Care News, Articles and Updates

Massachusetts General Hospital data breach affects 4.3K patients

Massachusetts General Hospital data breach affects 4.3K patients

By

Fingers are pointing at a third-party vendor as the culpable party behind the exposure of personally identifiable information of 4,300 patients of Massachusetts General Hospital (MGH).

X-ray and MRI machines among devices used as springboards for data breach attacks

X-ray and MRI machines among devices used as springboards for data breach attacks

By

An x-ray machine, an oncology system, an MRI machine: These are all important healthcare devices that researchers found harboring malware capable of installing backdoors on other connected systems for the purpose of exfiltrating data.

Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace

Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace

By

A hacker with the ominous nickname "thedarkoverlord" appears to have stolen more than 650,000 medical records from three separate healthcare institution databases, and has made them available for sale on the darknet online marketplace TheRealDeal.

HHS may copy the DoD's Hack the Pentagon program

HHS may copy the DoD's Hack the Pentagon program

By

Citing the success enjoyed by the DoD's Hack the Pentagon bug bounty program, the HHS is considering using ethical hackers to discover flaws in medical devices and systems.

Healthcare struggles to protect privacy of PHI

Healthcare struggles to protect privacy of PHI

By

As the healthcare industry strives to bring data from different sources together to create longitudinal patient records, organizations must find ways to minimize and de-identify data to better protect its privacy.

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

By

Researchers at endpoint security solutions company Invincea have discovered a new variant of Cerber ransomware that could lock out legitimate users, while still allowing attackers to potentially launch DDoS attacks against other networks.

Ponemon: 89% of surveyed health care orgs breached in last two years; cybercrime top cause

Ponemon: 89% of surveyed health care orgs breached in last two years; cybercrime top cause

By

For the second consecutive year, Ponemon Institute's annual study on the state of security and privacy in health care found that cybercrime was the leading cause of data breaches among hospitals and other medical providers.

NHS sharing unfiltered medical data on 1.6M patients with Google AI company

NHS sharing unfiltered medical data on 1.6M patients with Google AI company

By

As part of a joint venture to develop groundbreaking healthcare apps, the UK's National Health Service (NHS) has agreed to share new and historical healthcare data on 1.6 million patients with Google's AI company DeepMind.

Cybersecurity Caucus: FDA guidelines protect medical devices from hackers

Cybersecurity Caucus: FDA guidelines protect medical devices from hackers

By

Rep. James Langevin wrote an open letter to the Food and Drug Administration's (FDA) praising draft guidance that would strengthen the cybersecurity of medical devices.

Research: Over 6,000 data breaches in key industry sectors since 2005

Research: Over 6,000 data breaches in key industry sectors since 2005

By

The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.

California ransomware bill supported by Hollywood hospital passes committee

California ransomware bill supported by Hollywood hospital passes committee

By

A proposed California legislation imposing specific penalties for ransomware took a step forward yesterday when the state senate's Public Safety Committee passed the bill at a hearing featuring testimony from Hollywood Presbyterian Medical Center.

Federal court bucks trend, rules general liability insurance covers data breach

Federal court bucks trend, rules general liability insurance covers data breach

By

A federal appeals court upheld a ruling that insurance firm Travelers Indemnity Co., under the terms of a commercial general liability policy, must defend its client, Portal Healthcare Solutions, in a lawsuit stemming from a data breach.

Report: 14% of doctors keep patient data on cell phones, don't use password

Report: 14% of doctors keep patient data on cell phones, don't use password

By

A new report found 28 percent of doctors store patient data on their cell phones, and 80% of doctors use a mobile device as a tool to assist their daily practice.

Personal laptop, possibly containing data on 5M patients, stolen from HHS facility

Personal laptop, possibly containing data on 5M patients, stolen from HHS facility

By

A personal laptop and hard drives that may have contained data on close to 5 million medical patients was stolen from a Washington State federal building, prompting calls for the Department of Health and Human Services to reveal the extent of the damage.

Another Canadian hospital hit with ransomware attack, spreads TeslaCrypt

Another Canadian hospital hit with ransomware attack, spreads TeslaCrypt

By

Malwarebytes researchers spotted another ransomware attack against a Canadian hospital.

Researchers detect surge in Samsam ransomware that spreads via vulnerabilities

Researchers detect surge in Samsam ransomware that spreads via vulnerabilities

By

A ransomware campaign with an unusual method of propagation—infecting servers via unpatched vulnerabilities, then spreading laterally across the local network—experienced a marked spike in activity Monday, according to researchers at Talos.

Hospitals in Kentucky, SoCal become latest targets of hackers

Hospitals in Kentucky, SoCal become latest targets of hackers

By

The scourge of malware attacks against hospitals continued this week, including a ransomware assault targeting Henderson, Ky.-based Methodist Hospital and another possible ransomware incident at two Southern California facilities.

FTC, legislators call for improvements in health-care IT laws, including ransomware protection

FTC, legislators call for improvements in health-care IT laws, including ransomware protection

By

A federal hearing on standardizing and modernizing health information technology resulted in calls for new or revised legislation to fill in gaps in cybersecurity law.

House subcommittee questions VA CIO over security weaknesses

House subcommittee questions VA CIO over security weaknesses

By

The Department of Veterans Affairs CIO LaVerne Council was questioned by lawmakers Wednesday at a House Oversight subcommittee hearing.

Oncology clinic breached, patient data stolen

Oncology clinic breached, patient data stolen

By

21st Century Oncology was asked by the Federal Bureau of investigation to delay notification of patients that there information had been taken when a third-party gained unauthorized access to one of its databases.

Stolen laptop exposes PII of over 200K Premier Healthcare patients

By

Premier Healthcare, a Bloomington, Indiana-based healthcare provider, suffered a data breach when a thief stole a laptop containing patient information from the company's billing department.

Health care horror stories...and cures

By

The health care industry must step up when it comes to addressing its steady stream of IT security risks, says Illena Armstrong, VP, editorial, SC Magazine.

First, do no harm: Medical devices

First, do no harm: Medical devices

By

The growing value of medical data and the rise of IoT are testing health care's lagging infrastructure. Alan Earls reports.

York Hospital breach compromises PII of 1,400 employees

York Hospital breach compromises PII of 1,400 employees

By

York Hospital in Maine reported a breach of employees' identifying information but said patient information was not targeted.

Hackers of the Caribbean: Alleged cyber activist arrested after Disney Cruise rescues his boat

Hackers of the Caribbean: Alleged cyber activist arrested after Disney Cruise rescues his boat

By

Martin Gottesfeld, 31, under investigation for a cyberattack on Boston Children's Hospital, was arrested after a Disney Cruise ship rescued him and his wife from a stranded boat off Cuba.

Magnolia Health Corporation suffers breach after falling for spoofed CEO email

By

An authorized party obtained employee data from California rehabilitation and nursing home health-care provider Magnolia Health Corporation, after posing as the company's CEO in a spoofed email.

Employees mishandle data, violate HIPAA in Washington State Medicaid breach

By

The Washington State Health Care Authority (HCA) announced yesterday that employees at two state agencies committed a HIPAA violation by improperly exchanging private data pertaining to its Apple Health Medicaid clients.

Missing drives contained PHI on 950K Centene customers

By

During an inventory of its IT assets, health insurer Centene discovered that six hard drives containing personal and health information on 950,000 customers had gone missing.

Flint hospital hit with cyber attack after Anonymous threatens action

Flint hospital hit with cyber attack after Anonymous threatens action

By

Hurley Medical Center in Flint, Mich. was hit by a cyber attack Thursday after Anonymous threatened to take action over for the city's water crisis.

Henry Schein to pay $250K to FTC for misleading encryption claims

Henry Schein to pay $250K to FTC for misleading encryption claims

By

The Henry Schein Practice Solutions, Inc. agreed to pay a $250,000 fine to the FTC for falsely advertising the level of encryption it used to safeguard patient data.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US