Health Care News, Articles and Updates

Breach compromises data of 9,000 Verity Health System patients

About 9,000 Verity Health patients had their personal data compromised after an unauthorized entry was discovered in the health system's network.

Sentara Healthcare notifies 5.4K of breach

The breach of a third party vendor resulted in Virginia-based Sentara Healthcare notifying more than 5,000 patients about their information being compromised.

3,600 patients affected by breach at the Children's Hospital Los Angeles

In mid-December a laptop belonging to a doctor working at the Children's Hospital Los Angeles and the Children's Hospital Los Angeles Medical Group was stolen.

Number of U.S. healthcare data breaches almost doubles in 2016

Health care organizations in the United States lost far fewer patient records in 2016 due to cyberattacks, compared to the year before, but suffered through almost twice as many data breaches during the year.

Anthem breach caused by nation state

The California Department of Insurance reported that the 2015 Anthem breach was the result of a nation state attack.

Researcher: Subcontractor leaks data on military health care professionals

Personal data belonging to health care professionals working for the U.S. military was sitting exposed on an insecure server operated by a medical services subcontractor, a security researcher from MacKeeper reported on Saturday.

FDA Issues Final Guidance for Medical Device Security

With all the current concern over IoT being insecure from cyberattacks, the U.S. Food & Drug Administration (FDA) posted a timely blog post outlining the agency's final guidance for medical device safety.

November healthcare breaches: 458,000 patient records affected

The healthcare industry had an up and down November with the number of patient records lost in data breaches declining, but the number of incidents reaching a new high for the year.

Healthcare organisations see value in going mobile but concerns linger over device management

New research by Vanson Bourne shows security as the top concern when considering management of staff mobile devices, however only 54 percent of respondents are confident that their organisation can quickly adapt to changing regulations.

SamSa ransomware extortionists earned $450K in yearly ill-gotten profits

Over the last 12 months, the cybercriminals behind the SamSa ransomware campaign targeting healthcare organizations have raked in at least $450,000 in ransom payments.

Former patients affected in Broward Health breach

Fort Lauderdale, Florida-based Broward Health announced a breach that may have compromised patient data.

75% of healthcare industry hit with malware, report

The healthcare vertical is at particular risk from ransomware. This is just one of the findings of the "2016 Healthcare Industry Cybersecurity Report," a just-released survey from SecurityScorecard.

Healthcare data breaches increase, but fewer records compromised

The healthcare industry saw 37 data breaches take place in September with about 250,000 patient records being compromised, but this was a major decrease from the 8.8 million records breached in August.

Insulin pump from Animas can be sabotaged to deliver overdose; risk 'extremely low'

The OneTouch Ping Insulin Pump system from Animas Corporation contains three vulnerabilities that could allow a remote attacker to trigger an overdose, warned Internet security firm Rapid7, in an announcement later confirmed by the device manufacturer.

What about health care?

WADA confirms Fancy Bear behind attack on anti-doping database

The Russian espionage group Tsar Team, aka Fancy Bear, got into the ADAMS system through an account created by the International Olympic Committee for the 2016 Rio Games.

87K affected in SCAN Health Plan breach

SCAN Health Plan is notifying users that remote attackers were able to gain access to the contact sheets system and accessed the personal information of past and current members and some non-plan members.

MedSec goes its own way with medical device flaw

Eschewing the bug bounty route, a cybersecurity firm which detected a flaw in a medical device from St. Jude Medical, partnered with an investment firm to capitalize on its knowledge and short sell stock in the device manufacturer.

Ransomware locks experts in debate over ethics of paying

The explosive growth in ransomware has once again heated up the debate as to whether infected organizations have an ethical responsibility to refuse payment. But are some companies exacerbating the problem by paying up even when they have viable data backups?

Data breach hits Whitehead Nursing Home in Northern Ireland

A laptop taken home by an employee of the Whitehead Nursing Home was stolen.

HHS' Office for Civil Rights instructs its investigators not to overlook smaller breaches

In a revision of its policies, the U.S. Department of Health and Human Services' Office for Civil Rights has instructed its regional offices to place more of an emphasis on investigating smaller health-care data breaches that affect fewer than 500 individuals.

Records exposed of 650K patients at Bon Secours

Patient records were compromised at Bon Secours, a nonprofit health care provider.

PilotFish source codes selling on dark web, report

In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.

UPDATED: Oregon State Hospital notifies patients of breach

Oregon State Hospital's maximum security ward is notifying patients of a data breach.

Advocate Health Care hit with largest HIPAA settlement

Advocate Health Care will pay $5.55 million for a breach that led to the exposure of personally identifiable information of four million patients.

Ransomware targeting healthcare overshadows other sectors

An analysis of malicious threats tracked by managed security services provider Solutionary reported that ransomware attacks targeting healthcare companies comprised 88 percent of all ransomware attacks.

Ultrasound theft results in data breach at health care company Kaiser Permanente

Health care consortium Kaiser Permanente's Northern California division has publicly disclosed a data breach after two of its employees allegedly stole an unspecified number of ultrasound machines containing protected health information.

NHS England single patient database scrapped

Two critical reports showed a lack of public trust in NHS security and confidentiality handling patient records causing the government to scrap plans for a unified doctor and hosptial patient database.

Massachusetts General Hospital data breach affects 4.3K patients

Fingers are pointing at a third-party vendor as the culpable party behind the exposure of personally identifiable information of 4,300 patients of Massachusetts General Hospital (MGH).