Tag: healthcare
-
U.S. Medical billing provider Medusind suffered a sata breach
Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and revenue cycle management (RCM) services to healthcare organizations, including medical practices, dental practices, and other providers. The company disclosed a data breach discovered on December 29,…
-
December ransomware attacks slam healthcare, public services
In December, one victim organization paid a $1.5 million ransom to restore services, while another continued to experience disruptions for more than one month following an attack. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617781/December-ransomware-attacks-slam-healthcare-public-services
-
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/medical-billing-firm-medusind-discloses-breach-affecting-360-000-people/
-
Massachusetts health firm reaches $80,000 settlement with HHS following ransomware investigation
The Department of Health and Human Services (HHS) reached the agreement with Elgon Information Systems after the company violated federal rules around the protection of healthcare data.]]> First seen on therecord.media Jump to article: therecord.media/massachusetts-health-firm-reaches-settlement
-
Genetic Engineering Meets Reverse Engineering: DNA Sequencer’s Vulnerable BIOS
Eclypsium’s research team has identified BIOS/UEFI vulnerabilities in a popular DNA gene sequencer made by Illumina, a leading genomics and healthcare technology vendor. More specifically, we found that the Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM mode and without Secure Boot or standard firmware write protections. This would allow……
-
Effective Strategies for Secrets Vaulting
Why is Secrets Vaulting Integral to Secure Cloud Environments? Have you thought about just how secure your cloud environment truly is? For professionals spanning across industries from financial services to healthcare, the urgency to protect sensitive information becomes all the more critical. In the endeavor to keep data safe, secrets vaulting emerges as a pivotal……
-
What to Know About the Proposed New HIPAA Rules
If approved, the proposed new HIPAA rules will reshape the landscape of healthcare cybersecurity, partially addressing the recent OIG report’s findings on the ineffectiveness of current HIPAA audits. For CISOs, these changes present both opportunities and challenges as they work to enhance their organizations’ cybersecurity practices. The updated compliance requirements for electronic protected health information……
-
Staten Island Hospital Notifying 674,000 of May 2023 Hack
Data Theft Incident Also Disrupted IT Systems for Nearly a Month. Richmond University Medical Center, a 440-bed teaching hospital on Staten Island, N.Y, is notifying 674,000 people of a data theft that happened 18 months ago. The breach was part of a ransomware attack that disrupted the organization’s IT systems for several weeks in spring…
-
Is healthcare cybersecurity in critical condition?
This article highlights key findings and trends in healthcare cybersecurity for 2024. From the rising impact of cyberattacks on patient care to the vulnerabilities posed by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/06/healthcare-cybersecurity-2024-trends/
-
Privacy Roundup: Week 1 of Year 2025
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
New HIPAA Cybersecurity Rules Pull No Punches
Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hipaa-security-rules-pull-no-punches
-
Richmond University Medical Center data breach impacted 674,033 individuals
Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including…
-
Proposed HIPAA Amendments Will Close Healthcare Security Gaps
Tags: authentication, control, cybersecurity, healthcare, HIPAA, mfa, network, privacy, regulation, threatThe changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/proposed-hipaa-amendments-close-healthcare-security-gaps
-
New York Hospital Says Ransomware Attack Data Breach Impacts 670,000
Richmond University Medical Center has been investigating a ransomware attack since May 2023 and it recently determined that it affects 670,000 people. The post New York Hospital Says Ransomware Attack Data Breach Impacts 670,000 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-york-hospital-says-ransomware-attack-data-breach-impacts-670000/
-
What’s in HHS’ Proposed HIPAA Security Rule Overhaul?
Experts: New Mandates Could Be Difficult, Costly for Many Entities. The U.S. Department of Health and Human Services’ proposed overhaul of the 20-plus-year-old HIPAA Security Rule aims to drastically improve the state of healthcare sector cybersecurity, but the potential new requirements could mean difficult and expensive heavy lifting for many regulated entities. First seen on…
-
Be Certain Your Data is Guarded with Cloud Compliance
Are You Confident in Your Data Protection Strategy? Data security has become a priority for organizations across various sectors, from finance and healthcare to travel and software development. With increased cloud adoption, managing Non-Human Identities (NHIs) and their secrets has become essential for maintaining security, reducing risks, and ensuring regulatory compliance. But how can we……
-
Get Excited: Innovations in Privileged Access Mgmt
An Exciting Paradigm Shift in Managing Non-Human Identities Are we truly harnessing the power of Non-Human Identities (NHIs) in cybersecurity? A new wave of innovations in privileged access management has created an exciting shift in the cybersecurity landscape, ensuring end-to-end protection for organizations working in the cloud. From financial services and healthcare to travel and……
-
Addressing Gen AI Privacy, Security Governance in Healthcare
As healthcare entities embrace generative AI tools, it’s critical they take a holistic approach addressing privacy and security governance, said Dave Perry, digital workspace operations manager, St. Joseph’s Healthcare in Ontario, who discusses how his organization is tackling those challenges. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/addressing-gen-ai-privacy-security-governance-in-healthcare-i-5433
-
10 of the biggest ransomware attacks in 2024
Ransomware attacks against U.S. organizations in 2024 disrupted healthcare systems, supply chains and government services and led to tens of millions of dollars in ransom payments. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617564/10-of-the-biggest-ransomware-attacks-in-2024
-
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-healthcare-breaches-prompt-us-cybersecurity-rules-overhaul/
-
Innovation in API Security: What’s New
So, What’s the Deal with Recent API Security Innovations? As companies across the spectrum of industries including finance, healthcare, travel, and more intensify their adoption of digital technologies, there’s an undeniable need for robust security measures to protect their assets in the cloud. More than ever, Non-Human Identities (NHIs) and Secrets Security Management are emerging……
-
White House Clears HIPAA Security Rule Update
HHS Proposes Encryption, Security Standards for Healthcare Firms. The U.S. Department of Health and Human Services is proposing new rules for healthcare organizations that aim to bolster protections for Americans by requiring companies to encrypt sensitive patient data and conduct routine compliance evaluations amid increased threats targeting the sector. First seen on govinfosecurity.com Jump to…
-
Wanted: An Incident Repository For Healthcare Nonprofits
Cyber incident details involving non-profit and non-government entities across sectors such as healthcare are not centrally reported and collected, creating gaps for researchers, IT experts and others seeking to analyze trends in their industries, said Stanley Mierzwa of Kean University. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/wanted-incident-repository-for-healthcare-nonprofits-i-5435
-
Contingency Planning for Attacks on Critical Third Parties
One of the most important lessons emerging in 2024 for the healthcare sector is that entities should diligently prepare contingency plans for potential cyberattacks that seriously disrupt their critical third-party vendors, advises regulatory attorney Betsy Hodge of the law firm Akerman. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/contingency-planning-for-attacks-on-critical-third-parties-i-5436
-
7 biggest cybersecurity stories of 2024
Tags: access, ai, alphv, at&t, attack, authentication, breach, business, china, cio, ciso, citrix, cloud, credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, detection, email, espionage, exploit, extortion, finance, google, government, group, hacking, healthcare, incident response, infection, insurance, intelligence, international, jobs, lockbit, malicious, malware, mandiant, mfa, microsoft, network, nis-2, north-korea, office, phishing, phone, privacy, ransomware, regulation, risk, risk-management, scam, service, software, strategy, tactics, technology, threat, ukraine, update, vulnerability, windowsCybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention.But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies.Longer-term trends such as increased cybersecurity regulations and the impact of…
-
Why Hackers Love Weekend and Holiday Attacks
About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the need for organizations to bolster staffing and related strategies during these vulnerable times, said Jeff Wichman of security firm Semperis. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/hackers-love-weekend-holiday-attacks-i-5430