Thousands of unique IP addresses are potentially exposing medical devices, electronic medical records systems and other sensitive healthcare information to the internet, said security researcher Himaja Motheram of security firm Censys, which made the discovery.
Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
The U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
A U.K. National Heath Service teaching hospital in northwest England reported a major cyberincident on Tuesday that forced the healthcare facility to cancel outpatient appointments for the day. Maternity services, neo-natal and emergency triage are "running as normal."
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
Russian-based cybercrime gang BianLian has continued to thrive since shifting from using double extortion strategies to primarily data theft last year. BianLian is the third most active ransomware gang with a penchant for healthcare, and authorities are warning that the group has adopted new TTPs.
The U.S. Department of Health and Human Services needs to take important actions to do a better job of carrying out its duties as the lead federal agency responsible for strengthening cybersecurity in the healthcare and public health sector, said a new federal watchdog agency report.
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.
An Oklahoma hospital quickly restored its IT systems after a ransomware attack in September, but the 62-bed hospital could not recover some data and later learned that hackers may have accessed the personal information of 133,000 people. The attack is the latest involving a small rural hospital.
Ransomware group Embargo is threatening to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies. The gang is shaking down AAP for the second installment of an alleged agreed-up ransom deal.
A New York state court has approved a preliminary $1.5 million settlement of a consolidated proposed class action lawsuit against One Brooklyn Health System following a November 2022 cyberattack that involved theft of sensitive health data belonging to more than 235,000 people.
In the latest weekly update, ISMG editors explored the growing threat of disrupted ransomware attacks as a public health crisis, the potential global impact of a Donald Trump's second presidential term, and implications of the latest big merger in the cybersecurity market.
A new playbook from the Health Sector Coordinating Council aims to help manufacturers of medical products such as pharmaceuticals, devices and durable equipment plot out and improve their response to ransomware attacks and other cyber incidents.
Godzilla webshell, a Chinese-language backdoor known for its stealth and ability to execute commands and manipulate files, is publicly available on GitHub, and federal authorities have issued a stern warning to the healthcare sector to prepare for this threat and inevitable cyberattacks.
A federal court has finalized an $8 million settlement in a consolidated proposed class action lawsuit against law firm Orrick Herrington & Sutcliffe involving a hack that affected several clients and more than 638,000 individuals. It is one of several law firms facing similar data breach problems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.