Health Care News, Articles and Updates

All cried out? WannaCry ransomware victims strive to recover as researchers dig into attack

As the world returned to work on Monday, businesses continued to pick up the pieces following a historic cyberattack that crippled Windows machines across the globe with WanaCrypt0r 2.0 ransomware.

Report: Ontario mails health card forms containing personal info to wrong addresses

Ontario, Canada mistakenly exposed thousands of residents' personal information after printing the wrong addresses on individuals' health card renewal forms, causing them to be sent to strangers, according to the Ottawa Citizen.

Microsoft bug linked to spy campaigns, bank thefts reportedly took 6 months to fix

A zero-day bug in Microsoft Office and WordPad that hackers exploited to spy on targeted users, implant malware, and steal banking credentials took nine months to fix, according to news reports.

1.5 million records lost in March health care industry data breaches

A sharp spike in the number of health care data breaches was recorded in March with 39 incidents taking place compromising more than 1.5 million patient record.

Fancy Bear accused of stealing IAAF athlete data

Russian APT group Fancy Bear is believed to have struck again, this time compromising the medical data of more than 80 International IAAF athletes.

Breach compromises data of 9,000 Verity Health System patients

About 9,000 Verity Health patients had their personal data compromised after an unauthorized entry was discovered in the health system's network.

Sentara Healthcare notifies 5.4K of breach

The breach of a third party vendor resulted in Virginia-based Sentara Healthcare notifying more than 5,000 patients about their information being compromised.

3,600 patients affected by breach at the Children's Hospital Los Angeles

In mid-December a laptop belonging to a doctor working at the Children's Hospital Los Angeles and the Children's Hospital Los Angeles Medical Group was stolen.

Number of U.S. healthcare data breaches almost doubles in 2016

Health care organizations in the United States lost far fewer patient records in 2016 due to cyberattacks, compared to the year before, but suffered through almost twice as many data breaches during the year.

Anthem breach caused by nation state

The California Department of Insurance reported that the 2015 Anthem breach was the result of a nation state attack.

Researcher: Subcontractor leaks data on military health care professionals

Personal data belonging to health care professionals working for the U.S. military was sitting exposed on an insecure server operated by a medical services subcontractor, a security researcher from MacKeeper reported on Saturday.

FDA Issues Final Guidance for Medical Device Security

With all the current concern over IoT being insecure from cyberattacks, the U.S. Food & Drug Administration (FDA) posted a timely blog post outlining the agency's final guidance for medical device safety.

November healthcare breaches: 458,000 patient records affected

The healthcare industry had an up and down November with the number of patient records lost in data breaches declining, but the number of incidents reaching a new high for the year.

Healthcare organisations see value in going mobile but concerns linger over device management

New research by Vanson Bourne shows security as the top concern when considering management of staff mobile devices, however only 54 percent of respondents are confident that their organisation can quickly adapt to changing regulations.

SamSa ransomware extortionists earned $450K in yearly ill-gotten profits

Over the last 12 months, the cybercriminals behind the SamSa ransomware campaign targeting healthcare organizations have raked in at least $450,000 in ransom payments.

Former patients affected in Broward Health breach

Fort Lauderdale, Florida-based Broward Health announced a breach that may have compromised patient data.

75% of healthcare industry hit with malware, report

The healthcare vertical is at particular risk from ransomware. This is just one of the findings of the "2016 Healthcare Industry Cybersecurity Report," a just-released survey from SecurityScorecard.

Healthcare data breaches increase, but fewer records compromised

The healthcare industry saw 37 data breaches take place in September with about 250,000 patient records being compromised, but this was a major decrease from the 8.8 million records breached in August.

Insulin pump from Animas can be sabotaged to deliver overdose; risk 'extremely low'

The OneTouch Ping Insulin Pump system from Animas Corporation contains three vulnerabilities that could allow a remote attacker to trigger an overdose, warned Internet security firm Rapid7, in an announcement later confirmed by the device manufacturer.

What about health care?

WADA confirms Fancy Bear behind attack on anti-doping database

The Russian espionage group Tsar Team, aka Fancy Bear, got into the ADAMS system through an account created by the International Olympic Committee for the 2016 Rio Games.

87K affected in SCAN Health Plan breach

SCAN Health Plan is notifying users that remote attackers were able to gain access to the contact sheets system and accessed the personal information of past and current members and some non-plan members.

MedSec goes its own way with medical device flaw

Eschewing the bug bounty route, a cybersecurity firm which detected a flaw in a medical device from St. Jude Medical, partnered with an investment firm to capitalize on its knowledge and short sell stock in the device manufacturer.

Ransomware locks experts in debate over ethics of paying

The explosive growth in ransomware has once again heated up the debate as to whether infected organizations have an ethical responsibility to refuse payment. But are some companies exacerbating the problem by paying up even when they have viable data backups?

Data breach hits Whitehead Nursing Home in Northern Ireland

A laptop taken home by an employee of the Whitehead Nursing Home was stolen.

HHS' Office for Civil Rights instructs its investigators not to overlook smaller breaches

In a revision of its policies, the U.S. Department of Health and Human Services' Office for Civil Rights has instructed its regional offices to place more of an emphasis on investigating smaller health-care data breaches that affect fewer than 500 individuals.

Records exposed of 650K patients at Bon Secours

Patient records were compromised at Bon Secours, a nonprofit health care provider.

PilotFish source codes selling on dark web, report

In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.

UPDATED: Oregon State Hospital notifies patients of breach

Oregon State Hospital's maximum security ward is notifying patients of a data breach.