Tag: healthcare
-
NYDOH Cybersecurity Regulations: What Healthcare Providers Need to Know in 2025
10 NYCRR 405.46: NY’s New Hospital Cyber Regulation Hospitals are no strangers to health data privacy laws like HIPAA. But New York’s new cybersecurity regulations take things to the next level. Finalized by the New York State Department of Health (NYDOH) in October 2024, these laws aim to fill gaps left by existing frameworks. They……
-
Is Your Hospital Sharing Patient Data with Facebook? A Guide for Security and Privacy Teams
Recent lawsuits have revealed a critical privacy concern for healthcare providers the sharing of patient data with Facebook through tracking pixels. We wrote this article to help your security and privacy teams assess their risk, identify key stakeholders, and understand the urgency of this issue. What is the risk? Many hospitals use Meta Pixel,…The post…
-
Managing Risks: Executive Protection in the Digital Age
The recent incident involving the United Healthcare CEO has sparked critical conversations in corporate boardrooms about the evolving threat landscape and the importance of robust security measures centered around executive protection. The incident has illuminated a stark and unsettling reality: the threat landscape for senior executives is evolving in ways that demand immediate attention and……
-
Achieving Stability in Cloud Compliance and Security
Can Cybersecurity Truly Achieve Stability in the Cloud? The increasing adoption of cloud technologies in various industries, from healthcare to financial services, makes the question of stability in cloud compliance and security a top priority. The cornerstone of achieving a stable security paradigm is understanding and managing Non-Human Identities (NHIs) effectively. As cybersecurity specialist with……
-
Nebraska sues Change Healthcare over security failings that led to medical data breach of over 100 million Americans
New details emerged about the Change Healthcare ransomware attack in Nebraska’s complaint. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/18/nebraska-sues-change-healthcare-over-security-failings-that-led-to-medical-data-breach-of-over-100-million-americans/
-
Regional Care Data Breach Impacts 225,000 People
Healthcare insurance firm Regional Care has disclosed a data breach impacting more than 225,000 individuals. The post Regional Care Data Breach Impacts 225,000 People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/regional-care-data-breach-impacts-225000-people/
-
Key strategies to enhance cyber resilience
Tags: attack, awareness, backup, banking, breach, business, ceo, compliance, control, crowdstrike, cyber, cybersecurity, data, finance, government, group, healthcare, incident, incident response, infrastructure, insurance, metric, network, phishing, programming, ransom, ransomware, resilience, risk, security-incident, service, skills, software, strategy, supply-chain, technology, threat, training, update, vulnerability, windowsThe faulty CrowdStrike software update that triggered IT outages on a global scale in July was a sobering reminder of the importance of incident response and business continuity plans.The update caused more than eight million Windows devices to crash and take down with them airline reservation systems, hospital and government services, financial and banking applications…
-
Is Your Website Leaking Sensitive Patient Information to Facebook? A disturbing story about HIPAA (and How to Avoid It)
Picture this scenario: You’ve used every tool you have to secure your web pages and forms so patient information is safe. One day, a potential patient Googles “hysterectomy options” and ends up on your hospital’s website. They browse around, maybe even schedule an appointment online. You have no reason to worry, right? Because you’ve done…The…
-
Nebraska AG sues Change Healthcare, UnitedHealth for data theft after ransomware attack
The 29-page filing alleges violations of Nebraska’s consumer protection and data security laws and says Change Healthcare, which is owned by UnitedHealth Group (UHG), failed to implement proper security measures that exacerbated the data breach, disrupting critical healthcare services across the state.]]> First seen on therecord.media Jump to article: therecord.media/nebraska-ag-sues-change-healthcare-unitedhealth-after-ransomware-attack
-
Nebraska AG Files 1st State Lawsuit in Change Health Breach
More States Likely To Push Similar Legal Claims Against Change Healthcare and UHG. UnitedHealth Group is facing scores of proposed class action lawsuits involving the massively disruptive cyberattack and mega data breach at its Change Healthcare IT services unit this year. But now the company faces the first in what will likely be many more…
-
Next-gen cybercrime: The need for collaboration in 2025
Tags: ai, attack, awareness, cloud, crime, crimes, cyber, cyberattack, cybercrime, cybersecurity, defense, exploit, framework, group, healthcare, infrastructure, intelligence, risk, service, strategy, tactics, technology, threat, training, vulnerabilityCybercrime is a relentless and evolving threat to organizations worldwide. However, with the right insights, we can significantly enhance our security, mitigate risks, and stay ahead of these criminals.FortiGuard Labs’ Cyberthreat Predictions for 2025 report is designed to provide exactly these insights. It identifies emerging threat trends for the coming year and offers actionable guidance…
-
10 Major Ransomware Attacks And Data Breaches In 2024
Major ransomware attacks and data breaches in 2024 included the Change Healthcare attack, data theft attacks targeting Snowflake customers and the China-linked Salt Typhoon campaign against U.S. government officials. First seen on crn.com Jump to article: www.crn.com/news/security/2024/10-major-ransomware-attacks-and-data-breaches-in-2024
-
Healthcare Cybersecurity: 2024 Was Tough, 2025 May Be Better
2024 was a difficult year for healthcare cybersecurity, but there are some hopeful signs heading into 2025, with effective controls and new rules coming. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/healthcare-cybersecurity-trends-of-2024/
-
ConnectOnCall Data Breach, 900,000 Customers Data Exposed
The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and healthcare providers. The platform, designed to streamline after-hours communications between patients and healthcare providers, discovered the breach in May of this year. The breach was identified onMay 12, 2024, prompting an…
-
ConnectOnCall data breach impacted over 900,000 individuals
ConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. It offers automated patient call tracking, HIPAA-compliant chat, and integrates with electronic health record (EHR) systems to streamline after-hours calls and care coordination.…
-
ConnectOnCall breach exposes health data of over 910,000 patients
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/connectoncall-breach-exposes-health-data-of-over-910-000-patients/
-
Build Your Confidence in Secrets Sprawl Management
Can You Truly Be Confident in Your Approach to Secrets Management? Cybersecurity is a crucial element in today’s digital landscape, but how can organizations ensure they’re confidently managing their non-human identities and secrets? This is a question that many professionals have, regardless of their industry, be it finance, healthcare, travel, or a DevOps and… First…
-
Empower Your SOC Teams with Cloud-Native Security Solutions
Can Cloud-Native Security Be a Game-Changer for Your SOC Teams? In today’s complex digital landscape, organizations are increasingly challenged to protect their data while ensuring compliance with evolving cybersecurity regulations. From finance to healthcare, businesses are recognizing the need for a more comprehensive approach to securing machine identities, especially Non-Human Identities (NHIs). Could effective NHI……
-
Navigating HIPAA Compliance When Using Tracking Technologies on Websites
Websites have become indispensable tools for healthcare organizations to connect with patients, streamline operations, and enhance service delivery. Modern websites are composed of components that “build” unique user experiences in real time.However, the use of tracking technologies on these websites presents unique challenges in complying with the Health Insurance Portability and Accountability Act of 1996…The…
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
Hackers Steal 17M Patient Records in Attack on 3 Hospitals
IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider. Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1. First seen…
-
UnitedHealth’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/13/unitedhealthcares-optum-left-an-ai-chatbot-used-by-employees-to-ask-questions-about-claims-exposed-to-the-internet/
-
Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records
Tags: healthcareAnother day, another healthcare database misconfiguration exposing sensitive patient information. First seen on hackread.com Jump to article: hackread.com/canadian-eyecare-firm-care1-exposes-patient-records/
-
UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/13/unitedhealthcares-optum-left-an-ai-chatbot-used-by-employees-to-ask-questions-about-claims-exposed-to-the-internet/
-
Four ways we can deliver stronger healthcare cloud security
First seen on scworld.com Jump to article: www.scworld.com/perspective/four-ways-we-can-deliver-stronger-healthcare-cloud-security
-
Ransomware in the Global Healthcare Industry”¯
Healthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyberattacks with severe consequences.”¯”¯ “¯ First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/ransomware-in-the-global-healthcare-industry/
-
How to turn around a toxic cybersecurity culture
Tags: access, advisory, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, governance, group, guide, healthcare, jobs, password, phishing, risk, sans, service, strategy, technology, threat, training, vulnerability, zero-trustA toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk.In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They don’t…