TrapX published a report on "medical device hijack," or MEDJACK, which allows attackers to build backdoors into healthcare providers' networks.
Legislation, mobility and personalization are forces driving healthcare in the U.S., Frank Kim said at RSA Conference 2015.
No evidence directly links the group to the attacks, but clues hint at Anonymous' signature traits.
When it comes to the causes of data breaches in health care, these are four scenarios that could have easily been prevented.
Health care providers and their patients both have parts to play in the high-stakes game of protecting sensitive medical information, especially as technology becomes easier to implement and enforcement of regulations intensifies.
A Florida-based health insurance provider has been hit with a class-action lawsuit after it revealed earlier this year that thieves had stolen two company laptops containing the personal information of members.
A laptop containing sensitive patient information was recently stolen from Henry Ford Health Systems in Detroit.
Despite facing stricter privacy and security regulations, hospitals still are struggling to protect patient information, and breaches cost the health care industry $6 billion annually, according to a new study.
An unauthorized individual recently gained access to a Louisiana state licensing database that contained the personal information of tens of thousands of emergency medical technicians (EMTs).
The Indiana Attorney General's office has filed a lawsuit against Indianapolis-based health insurance provider WellPoint for taking months to notify state residents whose personal information was breached.
Two health insurers said a flash drive containing the personal health information of hundreds of thousands of Pennsylvania Medicaid recipients has gone missing.
A Texas woman's 15-year prison sentence for stealing hospital patient information underscores a continued upswing in medical identity theft cases.
A virus recently compromised a clinic computer at the University of Oklahoma-Tulsa neurology practice to possibly retrieve sensitive documents on the machine.
The move to electronic medical records presents challenges, but tech solutions offer help for health care practitioners, reports Greg Masters.
Two Oregon car burglaries in the past week have resulted in the loss of the personal information of thousands of Portland, Ore. psychology patients and unemployed state residents.
A laptop containing the personal information of patients was stolen from an office at Thomas Jefferson University Hospital in Philadelphia.
A thumb drive containing the personal data of current and former graduate medical education residents and fellows at Cooper University Hospital in Camden, N.J. has gone missing.
A Massachusetts hospital disclosed this week that records containing sensitive information, ranging from names and Social Security numbers to medical diagnoses and bank account data, was lost by a third-party contractor.
As health care entities face new compliance demands, a free framework could offer some help.
Hackers recently gained access to a pair of file servers containing the personal information of University of Maine students who received counseling services at the school for the past eight years.
The author wades through NIST standards to help organizations select the best encryption technology to satisfy federal health care data protection mandates.
The personal information of hundreds of thousands of Blue Cross customers was recently exposed following a website glitch made by a third party.
The California Department of Public Health has doled out fines to five hospitals for failing to protect patients' medical information. The hospitals, which included Ronald Reagan UCLA Medical Center in Los Angeles, were assessed a total of $675,000 in penalties for violating state privacy laws that prohibit employees from snooping on confidential patient records, the agency said last week in a statement. Community Hospital of San Bernardino received the largest single fine — $250,000 — for failing to prevent an employee from viewing private data of 204 patients. — DK
Organizations may want to second-guess a more restrictive strategy on website access and settle on a more pragmatic approach.
The Federal Trade Commission is, for the fifth time, pushing back the deadline for financial institutions and creditors to comply with the Red Flags Rule.
The city of Charlotte, N.C. recently notified thousands of current and former city employees that their personal information went missing in the mail.
To avoid unintended consequences, organizations considering moving applications, such as email, to the cloud must ask lots of questions.
An unencrypted laptop containing the personal information of thousands of New Mexico citizens enrolled in the state's Medicaid Salud plan was stolen in late March.
A flash drive containing personal patient information recently went missing from Louisville, Ky.-based psychiatric hospital Our Lady of Peace.
Five stolen laptops containing tens of thousands of medical records were recently stolen from Fullerton, Calif.-based St. Jude Heritage Medical Group.
Sign up to our newsletters
SC Magazine Articles
- 'MEDJACK' tactic allows cyber criminals to enter healthcare networks undetected
- Samsung devices, including Galaxy S6, vulnerable to remote code execution
- Dridex banking malware spreading through new spam campaign
- U.S., China agree to cybersecurity code of conduct
- Suspicious activity on LastPass network, data compromised
- Former Georgia-Pacific sysadmin charged with damaging protected computers
- Harvard University announces network intrusion, possible data exposure
- Saboteurs leverage RIPv1 for DDoS reflection attacks
- More than 440K new Android malware strains found in Q1, study finds
- Apple releases OS X 10.10.4 and iOS 8.4, numerous bugs addressed