Tag: healthcare
-
Mass. Hospital Diverting Ambulances as It Deals With Attack
Signature Healthcare EHRs, Patient Portal Offline; Some Cancer Care Cancelled. A Massachusetts healthcare system is diverting ambulance patients and is operating under downtime procedures as it deals with a cyberattack. The organization has also canceled certain cancer treatments, taken its patient portal offline and is unable to fill prescriptions at its retail pharmacies. First seen…
-
Massachusetts hospital turning ambulances away after cyberattack
Signature Healthcare and Signature Healthcare Brockton Hospital said on Monday that the cyber incident is impacting many of their information systems. First seen on therecord.media Jump to article: therecord.media/massachusetts-hospital-turning-ambulances-away-cyberattack
-
Support platform breach exposes Hims amp; Hers customer data
Healthcare companies handle some of the most personal data imaginable, and that makes them a magnet for hackers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/support-platform-breach-exposes-hims-amp-hers-customer-data/
-
Shadow AI in Healthcare is Here to Stay
Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/shadow-ai-in-healthcare-is-here-to-stay
-
Authentication is broken: Here’s how security leaders can actually fix it
Tags: access, attack, authentication, backup, business, communications, control, credentials, cryptography, data, exploit, fido, firmware, Hardware, healthcare, identity, login, mfa, microsoft, okta, passkey, privacy, resilience, risk, soc, technology, update, windowsSector snapshots: Where it breaks (and why that matters): Healthcare. Clinicians need tap and go speed with zero tolerance for downtime. One large hospital attempted to pair advanced HID SEOS credentials, which use privacy-preserving randomized IDs, with a clinical SSO platform that expects static IDs for user recognition. This architectural mismatch forced a choice between…
-
What makes Non-Human Identities safe for companies
Have You Ever Considered How Securing Non-Human Identities Could Transform Your Organization? Non-Human Identities (NHIs) security is increasingly crucial across various sectors, from financial services to healthcare and beyond. These machine identities are not mere technical entities but fundamental components that define a company’s cybersecurity. By understanding and managing NHIs effectively, organizations can bridge the……
-
ISMG Editors: Vendor Breaches Expose Healthcare Risk
Also: RSAC Speakers Warn AI Is Outpacing Security, DoD’s Zero Trust Reality Check. In this week’s panel, four ISMG editors discussed growing cyber risks in healthcare following recent vendor breaches, key takeaways from RSAC Conference and whether the Pentagon’s zero trust push is delivering real security benefits or just checking off boxes. First seen on…
-
Breach Roundup: Feds Confirm ‘Major’ Hack of FBI System
Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key Activity. This week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329
-
State AG Sues Change Healthcare in 2024 Ransomware Attack
Iowa Seeking Civil Monetary Fines, Damages for Alleged Violations. Iowa’s state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group’s data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit. First seen on govinfosecurity.com Jump to article:…
-
When Trusted Systems Become Attack Paths
A hospital in Chicago is still dealing with stolen patient data. A major U.S. medical manufacturer is restoring order processing, manufacturing, and shipments after a destructive attack. A Washington-based employee benefits administrator is notifying 2,697,540 people that their data may have been exposed. Put those stories together and the same fault lines keep showing up,……
-
Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense
A chief medical information officer provided a peek into what hospitals face when they inevitably suffer a ransomware attack”, whether it leads to short or long-term outages. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ransomware-hospitals-preparation-key-defense
-
Manufacturing & Healthcare Share Struggles with Passwords
The two key economic sectors struggle with security for a reason: Many insiders view access management as a roadblock, while attackers see it as a way in. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/manufacturing-and-healthcare-share-struggles-with-passwords
-
Healthcare tech firm CareCloud says hackers stole patient data
Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/healthcare-tech-firm-carecloud-says-hackers-stole-patient-data/
-
Manufacturing and Healthcare Share Struggles with Passwords
The two key economic sectors struggle with security for a reason: Many insiders view access management as a roadblock, while attackers see it as a way in. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/manufacturing-and-healthcare-share-struggles-with-passwords
-
Healthcare software firm CareCloud informs SEC of potential patient data leak
The healthcare software firm CareCloud warned the Securities and Exchange Commission that a cyberattack may have resulted in the leak of patient data. First seen on therecord.media Jump to article: therecord.media/carecloud-hack-data-breach-sec
-
Can Agentic AI keep you ahead in cybersecurity?
Can Machine Identities Redefine Security? Understanding Non-Human Identities and Their Impact What if the key to future-proofing your cybersecurity strategy lies in managing machine identities effectively? Non-Human Identities (NHIs) have become fundamental to organizational security frameworks. Their significance cannot be overstated, particularly in sectors like financial services, healthcare, and travel, where NHIs support critical operations……
-
CISA Flags Critical Flaw in Grassroots DICOM Imaging Library
Researcher: If Exploited, Bug Could Crash Hospital Medical Imaging Systems. The Cybersecurity Infrastructure and Security Agency is warning of a high severity in Grassroots DICOM, an open-source library commonly used for medical imaging products, that if exploited could allow an attacker to send a specially crafted file resulting in a denial-of-service situation. First seen on…
-
Breach Roundup: Tycoon2FA Phishing Platform Rebounds
Tags: 2fa, attack, breach, data, data-breach, healthcare, iran, malware, north-korea, oracle, phishing, ransomware, russiaAlso, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and France. This week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim…
-
NYC Health Notifying Patients of 2 Third-Party Hacks
Incidents Are Unrelated, Says NYC Health + Hospitals. Hackers had access to New York City’s municipal healthcare system for nearly three months before being detected, stealing data of an undisclosed number of patients. The incident is the second hacking-related data breach within weeks involving a third-party firm hired by NYC Health + Hospitals. First seen…
-
Why Healthcare Faces Rising Risks From Shadow AI
Zscaler’s Ravi Monga on Managing AI Risks in Clinical Environments. Healthcare organizations are increasingly adopting AI for efficiency and patient care, but governance is lagging behind. Zscaler’s Healthcare CISO Ravi Monga explains why visibility into AI usage, including shadow AI, has become the sector’s most urgent cybersecurity challenge. First seen on govinfosecurity.com Jump to article:…
-
Iran-linked ransomware operation targeted US healthcare provider
The Pay2Key group may have shifted its aims from extortion to destruction. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-linked-ransomware-operation-targeted-us-healthcare-provider/815652/
-
AI and Medical Device Cybersecurity: The Good and Bad
Is AI Exposing a Growing Vulnerability Risk Mitigation Gap?. AI-fueled tools can help to identify medical device vulnerabilities much faster and at a higher volume than more traditional tools. But can device manufacturers and healthcare delivery organizations keep up with prioritizing and addressing a tidal wave of newly discovered flaws? First seen on govinfosecurity.com Jump…
-
QualDerm Partners December 2025 data breach impacts over 3 Million people
Over 3.1M people affected as QualDerm Partners suffered a December 2025 breach, exposing personal, medical, and health insurance data. Over 3.1 million people are affected by a December 2025 data breach at QualDerm Partners, where hackers stole personal, medical, and health insurance information from the company’s internal systems. QualDerm Partners is a U.S.-based healthcare management…
-
Iran-linked ransomware gang targeted US healthcare org amid military conflict
The incident responders noted that there was no evidence that data was exfiltrated during the intrusion, an unusual development considering U.S. intelligence agencies previously said Pay2Key attacks were largely conducted for information theft. First seen on therecord.media Jump to article: therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org
-
OWASP Top 10 Risks for Agentic Applications: Must-Know Risks
The rapid evolution of AI has moved us beyond simple chatbots into the era of agentic applications, systems that can plan, reason, and act autonomously across multiple steps. From finance and healthcare to cybersecurity and DevOps, these agents are no longer passive assistants; they are decision-makers. But with autonomy comes a new class of risks….…
-
Attackers Hide Infostealer in Copyright Infringement Notices
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-hide-infostealer-copyright-infringement-notices
-
Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck
Plus: The FBI admits it’s buying phone data to track Americans, Iranian hackers disrupt medical care at Maryland hospitals, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-cyberattack-on-a-car-breathalyzer-firm-leaves-drivers-stuck/