In this eye-opening presentation, CyberArk raises the alert of Qilin, a sophisticated Ransomware as a Service operator specifically targeting the U.S. healthcare sector.
Federal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week span in early 2018, compromising the sensitive information of 85,000 patients.
A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.
As healthcare providers migrate their infrastructure and services to the cloud, they gain benefits such as increased flexibility, scalability and optimized patient data access and sharing. But misconceptions about cloud security are jeopardizing the security of electronic patient health information.
Healthcare organizations have faced 21% of all cyberattacks since 2023, as cybercriminals use stolen data and operational disruptions to pressure providers into paying a ransom. Experts advise healthcare firms to move beyond EDR tools and adopt a holistic security strategy.
Two U.S. senators are proposing stricter cyber mandates for the healthcare sector. The bill provides funding to help hospitals adopt enhanced requirements, but lifts HIPAA enforcement fine caps and threatens executives with prison time for falsely attesting their organizations' compliance in audits.
Threat actors tracked as "Vanilla Tempest" - and also known as Vice Society - appear to be changing up the ransomware they use to attack on U.S. healthcare organizations. Likely in a move to avoid detection, the ransomware-as-a-service group has shifted to INC Ransom malware, according to Microsoft.
The U.S. Centers for Medicare and Medicaid Services has updated the scope of the MOVEit hacking breach last year, telling a sister agency that the software supply chain attack affected more than 3.1 million individuals - about three times the number of victims disclosed publicly earlier this month.
The development of regulatory frameworks and standards for IT emerged from the need to address various challenges and requirements in managing information technology and safeguarding data. If a company’s digital infrastructure is under attack, the effects can go much further than just loss of data. The impact on...
Recent mega data breaches involving third-party vendors - such as the Change Healthcare cyberattack - are intensifying the spotlight on critical security risk management and governance issues for business associates and other suppliers, said regulatory attorney Rachel Rose.
Most U.S. healthcare organizations cater to HIPAA with authentication and authorization systems, but many fall short in securing and monitoring privileged accounts.
If you don’t have a sophisticated privileged access management (PAM) system in place, you’re at risk for costly attacks and patient data theft. In...
Hospitals and private care institutions use a multitude of complex endpoints ranging from medical computers and equipment to BYOD mobile devices. These endpoints are at high risk for becoming compromised and letting in cybercriminals who can wreak havoc on the IT infrastructure while stealing valuable electronic...
A Louisiana-based ambulance company that provides emergency medical care services in four states is notifying nearly 3 million people that their sensitive health information was potentially stolen in a June hack. Ransomware gang Daixin claims to have published the data on its dark web leak site.
Texas Attorney General Ken Paxton is suing the Biden administration, alleging that "unlawful" HIPAA Privacy Rule regulations are hindering the state's law enforcement investigations into abortion cases and other reproductive health care cases.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.