A New York-based practice management vendor has notified 28 healthcare entity clients and more than 942,000 of their patients that sensitive information was compromised in a ransomware attack in April. The incident is the latest fallout from ransomware assaults on the healthcare sector.
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Signal says 1,900 of its customers have been affected by the recent phishing attack on its third-party vendor Twilio. Signal says phone numbers and SMS verification codes of 1,900 customers are compromised, potentially transferring access of these accounts to the attackers.
A lawsuit by an Idaho-based data marketing and analytics vendor against the U.S. Federal Trade Commission is the latest legal dispute spotlighting growing privacy concerns related to the tracking and collection of consumers' healthcare-related and location data.
Some 60 breaches affecting about 2.5 million individuals were added in July to the federal tally of major health data breaches. A vast majority of 2022 breaches continue to be linked to large hacking incidents and ransomware demands - with 40% tied to outside vendors.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
Advanced, a critical software and services vendor to the U.K.'s National Health Service, confirms a ransomware attack by "financially motivated" threat actors is behind an IT outage that is still disrupting various NHS services, including 111. Some disruptions could last for weeks, the company says.
Black Hat USA 2022 opened with somber warnings from Chris Krebs about why application developers, vendors and the government need to solve major industry challenges. Key security executives also discussed DNS visibility, cloud security, patch management, APT strategies and supply chain woes.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
As the U.K.'s National Health Service continues to deal with the impact of a cyberattack on one of its critical IT suppliers, the situation underscores the risks posed by vendors - and the need to have business continuity plans ready to deploy.
The U.K.'s National Health Service is experiencing IT outages resulting from a cyberattack on a third-party vendor. Birmingham-based technology provider Advanced's Adastra system supplies digital services for urgent healthcare services number 111.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
Health insurer Aetna ACE reported to federal regulators a health data breach affecting nearly 326,000 individuals tied to an apparent ransomware incident involving OneTouchPoint, a subcontractor that provides printing and mailing services to one of the insurer's vendors.
A Florida operator of urgent care clinics recently reported to federal regulators a health data breach affecting more than 258,000 individuals tied to a vendor's ransomware attack in May 2021. Why did it take so long to determine that the incident resulted in breach of protected health information?
Two hacking incidents involving vendors providing important IT-related and other services to dozens of covered entity clients are among the latest breaches affecting hundreds of thousands of individuals' data and show how mounting reliance on third parties creates increased risk to patient data.