Health Care News, Articles and Updates

House committee asks HHS to boost cybersecurity by requiring component list for medical devices

The House Committee on Energy and Commerce is asking the Department of Health and Human Services require that manufactures list the components and materials used in medical equipment as one way of helping ensure these devices are safe from cyberattacks.

Study: Organizations suffer critical and costly IT incidents five times a month

On average, organizations suffer a critical IT incident five times per month, with each one costing a mean of $141,628, according to a Quocirca/Splunk study. Another study, from Ponemon Research/Radware, found that 45 percent of 600 surveyed CISOs experienced a data breach in the last year.

WannaCry, Cerber most used ransomware types, hospitals most hit sector, report

WannaCry and Cerber has totally dominated the ransomware landscape so far this year comprising almost all the attacks that have taken place, while other big names such as Locky were barely a blip on the radar.

Wannacry - North Korea blamed by UK; NHS didn't follow recommendations

National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated Wannacry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.

Dark Overlord threatens to release plastic surgery images of royals, celebrities

The Dark Overlord cybergang has at least temporarily moved away from attacking school districts and has turned back to threatening to release celebrity private information by hacking a London, UK plastic surgery firm.

ShopRite Kingston, N.Y. pharmacy customers data exposed

ShopRite supermarket customers who patronized the chain's store in Kingston, N.Y. may have had their payment card and some health information compromised when the store improperly discarded an electronic signature device used in the store's pharmacy.

128,000 Arkansas Oral & Facial Surgery Center patients compromised

In late July the Arkansas Oral & Facial Surgery Center was hit with a ransomware attack that not only locked up patient records, but may have also exposed their personal information.

WannaCry and Hollywood hospital ransomware attacks crossed a line for some cybercriminals

The ransomware infection that disrupted Hollywood Presbyterian Medical Center and the worldwide WannaCry attack in 2017 caused an ethical and philosophical rift among members of the Russian and Eastern European cybercriminal community.

Houston man sentenced to 27 months for hospital hack

A Houston man was sentenced to 27 months in prison for hacking into the Centerville Clinic computer system, disabling all administrative controls and using the health care facilities credit card to make purchases at Staples.

Medfusion 4000 Wireless Syringe Infusion Pump can be exploited to compromise operations

Until a new version of Smiths Medical's Medfusion 4000 Wireless Syringe Infusion Pump is issued in January 2018, its operators should be wary of eight vulnerabilities that can be remotely exploited to gain access to the device and compromise its functionality.

19,000 Medical Oncology Hematology Consultants, PA records exposed in ransomware attack

More than 19,000 patient records were exposed during a ransomware attack on Medical Oncology Hematology Consultants, PA that took place in June.

Silver Cross Hospital vendor exposes information on 9,000 patients

Almost 9,000 patients of Silver Cross hospital, outside of Chicago, possibly had their data exposed due to an error made by a third-party vendor.

Abbott Laboratories securing vulnerable pacemakers with firmware and software updates

Healthcare product manufacturer Abbott Laboratories is updating the firmware and software in its line of implantable pacemakers to shore up a security vulnerability that could lead to unauthorized access.

Flaws in web-based radiological solution could allow attackers to see right through database

A web-based reporting tool that tracks radiation doses delivered by X-ray machines and related devices contains vulnerabilities that could impact patient confidentiality, system integrity, or system availability, Dutch tech company Philips reported.

Almost 5,000 The Daniel Drake Center for Post-Acute Care patient records exposed

The Daniel Drake Center (DDC) for Post-Acute Care, which is part of the University of California's health system, reported patient information was accessed and viewed by an unauthorized employee over a two-year period.

Staffing agency employee allegedly distributes patient information illegally

The Detroit Medical Center (DMC) has alerted more than 1,500 of a data breach caused by an employee who shared personal information with unauthorized individuals.

5,300 University of Iowa Health Care records exposed for two years

Thousands of University of Iowa Health Care (UIHC) patients had some of their private information inadvertently posted for more than two years on a web application development site.

Indiana Medicaid patient information exposed

Indiana Medicaid members may have had their personally identifiable information compromised when a third-party vendor mistakenly made public a link to the data.

UPDATED: Information-stealing malware found targeting Israeli hospitals

Researchers from Trend Micro have discovered a malware campaign seemingly targeting Israeli hospitals with highly obfuscated information-stealing malware that abuses LNK shortcut files.

2,000 Texas HHSC clients health data compromised

The Texas Health and Human Services Commission (HHSC) reported a data breach possibly affecting almost 2,000 people in the Houston area.

Botched security: Celebrities, other patients, affected after plastic surgery files are breached and stolen

Hackers on Tuesday publicly posted more than 25,000 files and private images stolen from a Lithuanian plastic surgery clinic after attempting to financially extort the medical facility and its clients.

WannaCry patches mistakenly knock Aussie hospitals offline

In a case of no good deed goes unpunished, five Australian hospitals accidently locked out staff access to the computer systems after installing patches designed to protect them from WannaCry ransomware.

All cried out? WannaCry ransomware victims strive to recover as researchers dig into attack

As the world returned to work on Monday, businesses continued to pick up the pieces following a historic cyberattack that crippled Windows machines across the globe with WanaCrypt0r 2.0 ransomware.

Report: Ontario mails health card forms containing personal info to wrong addresses

Ontario, Canada mistakenly exposed thousands of residents' personal information after printing the wrong addresses on individuals' health card renewal forms, causing them to be sent to strangers, according to the Ottawa Citizen.