The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has published a YouTube video that tells at length how the HITECH Act amendment in 2021 concerning “Recognized Security Practices” is applicable […]
Passwords are an affordable and easy way of authentication. Although passwords offer a high level of security, the fact is that they are a weak spot that threat actors frequently exploit to acquire access to […]
A Californian appellate court has just announced the lower court’s decision to reject class-action status for a legal action filed against a healthcare provider in California because of an insider data breach that impacted 5,485 […]
The American Civil Liberties Union of Rhode Island (ACLU of RI) is filing a lawsuit against the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare New England (UHC) because of a data breach in August […]
The U.S. government is working on enhancing critical infrastructure cybersecurity. The White House has chosen the healthcare, communications, and water sectors as the next priority areas. The White House is about to release new guidance […]
First, Novant Health stated that the protected health information (PHI) of 1.36 million individuals was transmitted to Meta. Now, Advocate Aurora Health is the second to confirm that it also put the Meta Pixel tracking […]
VisionWeb Holdings based in Austin, TX, a company providing the eye care industry with Internet-delivered software solutions for enhancing practice efficiency, lately submitted a data breach report to the HHS’ Office for Civil Rights indicating […]
Cybercriminals extensively target the healthcare industry in order to access healthcare networks for a variety of nefarious uses. Why are healthcare records remarkably valuable to criminals? Hackers do a lot to gain access to healthcare […]
Radiology Associates of Albuquerque (also known as RAA Imaging/Advanced Imaging, LLC) has lately informed patients about the theft of some of their protected health information (PHI) in a cyberattack that was discovered over A year […]
Aesthetic Dermatology Associates based in Pennsylvania has lately confirmed that unauthorized individuals accessed its network and possibly viewed and/or obtained files that contain the personal data and protected health information (PHI) of 33,793 present and […]
United Health Centers of the San Joaquin Valley (UNC) has offered a settlement deal to take care of a class action lawsuit filed for the sake of patients impacted by its Vice Society ransomware attack […]
Cardiac Imaging Associates based in Los Angeles, CA, has found out that an unauthorized person got access to the email account of an employee. The healthcare provider discovered the incident in April 2022, and took […]
Cytometry Specialists, Inc., conducting business as CSI Laboratories based in Alpharetta, GA, has lately reported that an unauthorized person accessed the email account of a worker and could have seen or acquired the protected health […]
CommonSpirit Health is dealing with a data security incident that has impacted a lot of its healthcare services. Based on an October 4, 2022 statement released by the health system, IT systems were inaccessible online […]
Mon Health is dealing with a class action lawsuit associated with a hacking incident that enabled unauthorized persons to acquire access to its system for 11 days in December 2021. According to Mon Health, it […]
Microsoft was cautioned about the exploitation in the wild of two zero-day vulnerabilities in Microsoft Exchange Server. It has discussed mitigations prior to the patching of the vulnerabilities. The two vulnerabilities are being linked together […]
Magellan Health has decided to resolve a class action data breach legal action and will set up a $1.43 million funding to pay for claims submitted by patients impacted by the data breach. Patients whose […]
A warning was released to the healthcare and public health (HPH) community regarding a Monkeypox phishing campaign attacking U.S. healthcare providers that tries to steal Office 365, Outlook, and other email account credentials. Monkeypox is […]
The HHS’ Office for Civil Rights (OCR) has made a decision to settle three investigations of dental practices for probable violations of HIPAA Right of Access . The three investigations were started after patients filed […]
Google Meet is an innovative VoIP and videoconferencing program that healthcare providers can use to deliver telehealth services, remote consultation services, and virtual patient sessions. However, is Google Meet compliant with HIPAA? Google Meet is […]
For three months now, the reported number of healthcare data breaches has gone down. August had 49 reported breaches involving 500 or more records, which is below the typical 58 breaches a month. The number […]
The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has informed 38,765 patients about the potential compromise of some of their protected health information (PHI) in a cyberattack that happened approximately on July 11, 2022. […]
The Ohio law company, Bricker & Eckler LLP, decided to resolve a class action data breach lawsuit filed on behalf of those impacted by a ransomware attack on the company in 2021. Bricker & Eckler […]
The Federal Bureau of Investigation (FBI) has released a TLP:WHITE Private Industry Notification notifying about persistent cybercriminal efforts attacking healthcare payment processors that endeavor to direct victim payments to accounts controlled by the attackers. These […]
Ambry Genetics has made a decision to settle a class action lawsuit that was due to a breach of the protected health information (PHI) of 232,772 patients. In April 2020, Ambry Genetics informed patients about […]
The Federal Bureau of Investigation (FBI) has given a private industry notification alert concerning the growing number of vulnerabilities in healthcare devices. When medical devices aren’t immediately patched and are operating on obsolete programs, malicious […]
Emerging technologies could transform the healthcare sector. Although there are lots of potential advantages, these technologies could bring risks that can endanger patient privacy and security. When vulnerabilities aren’t appropriately dealt with, threat actors can […]
Rapid 7 researchers found four vulnerabilities in Baxter and Sigma Spectrum infusion pumps. These devices are employed to supply patients with medications and nutrition. These TCP/IP enabled-devices are typically linked to healthcare networks. Vulnerabilities can […]
The healthcare provider based in Morristown, VT, Lamoille Health Partners, is dealing with a class action lawsuit because of a ransomware attack in June 2022 that impacted approximately 60,000 patients. Lamoille Health Partners discovered the […]
The HHS’ Office of Inspector General (OIG) has required the Health Resources and Services Administration (HRSA) to enhance supervision of the cybersecurity of the Organ Procurement and Transplantation Network (OPTN). The OPTN is a nationwide […]
Five vulnerabilities were found in CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor of Contec Health. A threat actor could exploit the vulnerabilities to carry out a denial-of-service attack, gain access to a root shell, […]
CorrectHealth Notifies 54,000 Patients About the Email System Breach in November 2021 CorrectHealth based in Alpharetta, GA is sending notifications to patients regarding a breach of its email accounts. The security breach was identified on […]
The Health Sector Cybersecurity Coordination Center (HC3) is alerting the healthcare and public health sector (HPH) regarding one of the ablest and hostile cybercrime syndicates presently active – Evil Corp. The group works from Russia […]
Avamere Holdings based in Wilsonville, OR, a provider of home health care services and operator of a nursing home, is dealing with a class action lawsuit due to a serious data breach that impacted 96 […]
EmergeOrtho, an orthopedic practice in North Carolina, has just informed 75,200 patients that unauthorized individuals accessed some of their protected health information (PHI). As per the substitute breach notice posted by EmergeOrtho, the practice detected […]
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released an alert to the Healthcare and Public Health Sector (HPH) regarding a fairly new ransom threat group named Karakurt, which […]
Humana & Cotiviti have decided to resolve a class action lawsuit and the claims from people impacted by a data breach in 2020 that compromised the protected health information (PHI) of 64,654 people. Humana had […]
Onyx Technologies based in Largo, MD, a company offering Information Technology and Consulting Services and a vendor of Independent Care Health Plan (iCare), recently informed 96,814 health plan members about the potential compromise of some […]
July 2022 had 66 healthcare data breaches affecting 500 and up records reported to the Department of Health and Human Services Office for Civil Rights. This figure is 5.71% less than the 70 data breach […]
A digital marketing and analytics company based in Idaho filed a lawsuit against the Federal Trade Commission for allegedly violating the Federal Trade Commission (FTC) Act with its data practices. Kochava’s principal business unit offers […]
Practice Resources based in Syracuse, NY provides billing and other professional services. It encountered a data breach that affected the data of 942,138 persons. The breach notification provided to the California Attorney General indicated that […]
The health plan provider Priority Health based in Michigan has reported that it was affected by a data breach that occurred at a business associate, the law agency Warner Norcross & Judd (WNJ). Steps were […]
The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a joint security advisory concerning the extensive attack on organizations in the healthcare and medical sectors by the […]
The American Data Privacy and Protection Act (ADPPA) presented in June was considerably revised in just a few days. Then, last month there was a new draft of ADPPA law presented having more changes. The […]
Zenith American Solutions, the Sound Health and Wellness Trust’s third-party manager, recently advised people regarding a mailing error that compromised their Social Security numbers of the people. Based on the breach notification, the company sent […]
Salinas Valley Memorial Healthcare System based in California has decided to negotiate a class action lawsuit by paying $340,000 to settle claims from patients impacted by the email security breach in 2020. From April 30, […]
Additional information was recently published regarding two cyberattacks on healthcare companies: Behavioral Health Group and Goodman Campbell Brain and Spine. Behavioral Health Group Reports Potential Compromise of Patient Data in December 2021 Cyberattack Behavioral Health […]
Dental Care Alliance decided to resolve a class action lawsuit filed due to a data breach that affected approximately 1.7 million people. A $3 million fund was reserved to cover claims from persons impacted by […]
Fast Track Urgent Care, an urgent healthcare clinic network in Florida, has announced that the protected health information (PHI) of 258,411 persons was exposed and possibly stolen due to a ransomware attack on PracticeMax, a […]
Meta is dealing with one more class action lawsuit because of the illegal collection and disclosure of health information with no content. The Northern District of California received the filed lawsuit on behalf of the […]
A big data breach was reported that has impacted many healthcare, senior living and rehabilitation centers in Arizona, Oregon, Nevada, Colorado, Utah, and Washington, which are managed by organizations that belong to the group Avamere […]
Almost all Americans are confident regarding their understanding of cybersecurity as per the latest AT&T study of 2,000 People in America. Nevertheless, bad cyber hygiene and poor password strategies remain a usual thing. OnePoll performed […]
Cybercriminals are increasingly attacking business associates of HIPAA-covered entities because of the ease of accessing the systems of a number of healthcare providers. To help healthcare delivery organizations (HDOs) manage the situation, the Cloud Security […]
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released information to assist healthcare companies to be protected against web application attacks. In recent years, web applications have increased in […]
Blue Cross and Blue Shield of Massachusetts (BCBSofMA) has just confirmed that a data breach at a business associate resulted in the exposure of the protected health information (PHI) of a number of its health […]
In June 2022, 70 healthcare data breaches involving 500 or higher records were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR). This number is two less than May and […]
The National Institute of Standards and Technology (NIST) has made updates to its guidance for HIPAA-covered entities on enforcing the HIPAA Security Rule to better secure patients’ personal data and protected health information (PHI). The […]
The Methodist Hospitals Inc decided to resolve a class action lawsuit and allocated a $425,000 fund for claims filed by victims in relation to a data breach in 2019 that impacted about 70,000 patients. The […]
A new Phishing by Industry Benchmarking Report showed that giving security awareness training to the employees considerably lowers risks to phishing attacks. KnowBe4 conducted the study to find out how helpful security awareness training is […]
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has reported that Oklahoma State University – Center for Health Sciences (OSU-CHS) has decided to negotiate a HIPAA investigation arising from the […]
Health Aid of Ohio has decided to resolve a class action lawsuit to handle claims concerning its inability to secure the sensitive personal data of its clients. Health Aid of Ohio based in Parma, OH […]
The HHS’ Office for Civil Rights has lately released guidance to healthcare companies after the overturning of Roe v. Wade subsequent to the SCOTUS Dobbs v. Jackson Women’s Health Organization judgment, which took away the […]
The Federal Bureau of Investigation (FBI), the Department of the Treasury, and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint security advisory to the healthcare and public health industry about the risk of Maui […]
Google has stated that it is going to take steps to improve privacy protections for end users of its services. Google has always recommended an extensive, national privacy law covering consumer data to make sure […]
The Department of the Treasury, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Financial Crimes Enforcement Network (FinCEN) have released a joint cybersecurity warning regarding the MedusaLocker ransomware. The MedusaLocker […]
Senators Cory Booker (D-NJ), Ron Wyden (D-OR), and Elizabeth Warren (D-MA) have written to two prominent mental health app companies and sought responses regarding their practices on data collection and sharing. There were several reports […]
The Government Accountability Office (GAO) has advised the Department of Health and Human Services (HHS) to create a feedback system to enhance the efficiency of its data breach reporting procedure. The Health Information Technology for […]
Hearst Health subsidiary, MCG Health based in Seattle, is facing multiple class-action lawsuits due to a data breach that impacted approximately 10 healthcare companies such as Lenoir Health Care, Indiana University Health, Jefferson County Health […]
Acorda Therapeutics Reports Email Account Breach The biotechnology firm Acorda Therapeutics based in Ardsley, NY reported that an unauthorized third party acquired access to its email system and possibly viewed email messages and file attachments […]
University of Pittsburgh Medical Center has made the decision to negotiate a class action data breach lawsuit. It will set aside $450,000 to pay for claims from persons who have had losses because of the […]
PHI of Approximately 69,000 Persons Compromised in Comstar Hacking Incident Comstar based in Rowley, MA provides ambulance invoicing, collection, ePCR Hosting, and client/patient services. It found out that an unauthorized third-party acquired access to selected […]
Recently, Central Florida Inpatient Medicine (CFIM) based in Lake Mary, FL has found that an unauthorized person has accessed the email account of a staff member. The compromised emails and file attachments may contain the […]
A new bill has been launched by Sen. Elizabeth Warren (D-MA) that wishes to prohibit data brokers from selling the health and location information of Americans. The bill called The following senators co-sponsored the Health […]
Texas Tech University Health Sciences Center has announced the compromise of the protected health information (PHI) of 1,290,104 patients due to a data breach that occurred at Eye Care Leaders, its electronic medical record provider. […]
Shields Health Care Group is facing a class-action lawsuit over the 2 million-record data breach it recently announced. This is the largest healthcare data breach ever reported for this year. Shields Health Care Group is […]
Yuma Regional Medical Center (YRMC) based in Arizona has stated that it suffered a ransomware attack in April. The threat actors obtained the protected health information (PHI) of around 700,000 current and past patients. Based […]
The 2022 State of Ransomware Report published by cybersecurity firm Sophos revealed that ransomware attacks on healthcare providers increased by 94% year over year. The report based its information on a worldwide survey participated by […]
Atlassian has announced a patch to correct a critical zero-day vulnerability that impacts all supported versions of Confluence Server and Data Center. The vulnerability, which is tracked as CVE-2022-26134 has a maximum CVSS severity score […]
There is a new zero-day vulnerability discovered that impacts a Windows tool like Follina. Although there’s no information if the vulnerability was exploited in the wild, it is possible to exploit it. The recent attention […]
Five vulnerabilities were discovered in the Illumina Local Run Manager (LRM), which is utilized by Illumina Researcher Use Only (ROU) instruments and Illumina In Vitro Diagnostic (IVD) devices. The impacted instruments are employed for clinical […]
The law firm Morgan & Morgan filed a class-action lawsuit in the U.S. District Court for the District of Massachusetts against Injured Workers Pharmacy (IWP) in association with a breach of the personal records of […]
A New York Federal Judge dismissed a class-action lawsuit filed against Alliance HealthCare Services and NorthEast Radiology PC because of a data breach that compromised the protected health information (PHI) of above 1.2 million people […]
BJC HealthCare, a not-for-profit healthcare company located in St. Louis, MO, has begun informing a number of patients that an unauthorized individual accessed some of their protected health information (PHI) that was kept in email […]
A recent study conducted by Source Defense analyzed the risks related to using third- and fourth-party codes on online sites. They found that all modern, active websites had code that can be targeted by attackers […]
Oswego County Opportunities (OCO) in New York has reported that an unknown actor has recently accessed a small number of staff email accounts. OCO discovered the security breach because of notable suspicious email activity and […]
Researchers found out that a misconfigured AWS S3 bucket is exposing information. This cloud storage is owned by Breastcancer.org, a breast cancer support charity located in Ardmore, PA. SafetyDetectives learned that the unsecured AWS bucket […]
After four consecutive months of decreasing figures of data breaches, reported data breaches increased by 30.2%. In April 2022, the Department of Health and Human Services’ Office for Civil Rights (OCR) received 56 data breaches […]
Parker-Hannifin Cyberattack Affects About 120,000 Health Plan Members Parker-Hannifin Corporation based in Cleveland, OH, a company offering motion and control technologies, lately announced that unauthorized people have obtained access to a section of its IT […]
Based on the latest security advisory released by the Five Eyes Cybersecurity agencies in the U.K., U.S., Australia, Canada, and New Zealand, the most frequent attack vectors cyber threat actors use for preliminary access to […]
The medical equipment organization NuLife Med LLC based in Manchester, NH, has just announced that it encountered a cyberattack in March 2022. It discovered suspicious network activity on or approximately March 11, 2022, and took […]
The nonprofit health system Christus Health based in Irving, TX operates over 600 healthcare establishments in Arkansas, Texas, New Mexico, and Louisiana. It has been reported recently that it discovered suspicious activity with its computer […]
Unauthorized persons have acquired access to the computer systems of Eye Care Leaders, which is an electronic health records and patient management software solutions provider for eye care clinics. On or around December 4, 2021, […]
The tactics, techniques, and procedures (TTPs) employed by ransomware and other cyber attackers are always changing to elude identification and enable the groups to carry out more successful attacks. The Department of Health and Human […]
A new bill was presented to address the issue of cybersecurity of medical devices that will necessitate makers of medical devices to satisfy particular minimum criteria for cybersecurity with regard to the complete lifecycle of […]
Class action lawsuits were lately filed against Oregon Anesthesiology Group and Partnership Health Plan in Northern California because of ransomware attacks that resulted in the theft of sensitive patient/plan member information. Partnership Health Plan of […]
Healthplex Inc., one of the largest dental insurance providers located in New York state, has announced the compromise of an employee’s email account during a phishing attack on November 24, 2021. Upon discovery of the […]
The National Institute of Standards and Technology (NIST) released an updated version of the cybersecurity supply chain risk management (C-SCRM) guidance to aid businesses in developing an effective plan for identifying, evaluating, and responding to […]
Making and remembering long, complicated passwords is hard for many individuals, and it is made even more difficult because of the need to make passwords to protect several accounts – A study by NordPass advises […]
May 5, 2022 is World Password Day. This event was established in 2013 and is observed every first Thursday of May with the objective of bettering understanding of the value of using complex and unique […]
The Five Eyes security agencies, a group of intelligence agencies from Canada, Australia, New Zealand, the United States, and the United Kingdom have released a joint advisory regarding the 15 vulnerabilities in software programs and […]
Smile Brands located in Irvine, CA offers support services for dental clinics. It just gave a new report on the number of persons affected by a ransomware attack, which was uncovered on April 24, 2021. […]
The five eyes cybersecurity agencies have lately published a joint security advisory regarding the danger of cyberattacks on critical infrastructure carried out by pro-Russia cybercriminal groups and Russian nation-state threat actors. Intelligence collected by the […]
Georgia Pines CSB and Ballard Health recently reported security breaches that affected the protected health information (PHI) of 28,295 people. Ballad Health Finds Breach Involving Employee Email Account Ballard Health, an integrated community health improvement […]
The Federal Bureau of Investigation (FBI) has given a TLP: WHITE flash notification regarding the BlackCat ransomware-as-a-service (RaaS) operation. BlackCat, also called ALPHAV, which began in November 2021. It was released immediately after the shutdown […]
The HHS’ Office of Information Security Health Sector Cybersecurity Coordination Center (HC3) has released a TLP: White alert concerning the Hive ransomware gang – A specifically hostile cybercriminal operation that has substantially attacked the healthcare […]
For the fourth month now, there has been a drop in the number of reported healthcare data breaches. March 2022 had 43 healthcare data breaches involving 500 and up records reported to the U.S. Department […]
Newman Regional Health (NRH), which manages a 25-bed critical access hospital located in Emporia, KS, has lately begun informing 52,224 individuals that unauthorized persons have acquired access to selected employee email accounts containing protected health […]
Legal action was taken versus the in-home respiratory care company, SuperCare Health, because of a cyberattack and information breach report sent to the Department of Health and Human Services as of March 28, 2022. The […]
Resources for Human Development Breach Impacts 46,673 Persons Resources for Human Development (RHD), a national human services non-profit group based in Philadelphia, PA, has recently reported the theft of a hard drive that contains the […]
There were five zero-day vulnerabilities found in Aethon TUG autonomous mobile robots, which hospitals around the world use for transporting products, medicines, and other medical items. Hospital robots are alluring targets for hackers. When access […]
Due to the latest data breach at Mailchimp, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) gave an alert regarding the risk of phishing attacks utilizing this email marketing service. […]
The U.S. Food and Drug Administration (FDA) has released new draft guidance to help medical device companies integrate cybersecurity features into their merchandise at the premarket phase, and to make sure safety risks are taken […]
Charleston Area Medical Center Breach Had 54,000 Victims Charleston Area Medical Center (CAMC) located in Charleston, WV, has just announced a phishing attack that allowed unauthorized individuals to get access to the email accounts of […]
SuperCare Health based in Downey, CA, a provider of post-acute, in-home respiratory care in the Western United States, recently began informing 318,379 individuals about the exposure of some of their protected health information (PHI) and […]
Two remote code execution vulnerabilities were discovered in the Spring platform – a well-known application framework utilized by software creators for quickly creating Java apps. Proof-of-concept exploits for the two vulnerabilities can be found in […]
An audit of Health Insurance Exchange of Connecticut, Access Health CT, by the state auditor indicated that Access Health CT experienced 44 data breaches in the period of 3.5 years and did not completely report […]
Partnership Health Plan of California Getting back from Alleged Ransomware Attack The nonprofit managed care health plan based in Fairfield, CA, Partnership Health Plan of California (PHC), experienced a cyberattack that resulted in the shut […]
$7 Billion Lost Every Year Because of Fraud Rep. Ted Archer explained a Congressional Report to the House Ways and Means Committee in March 1996. The report exposed the degree of abuse and fraud in […]
Conti Ransomware Gang Owns Responsibility for CSI Laboratories Cyberattack Cytometry Specialists, Inc. also known as CSI Laboratories in Alpharetta, GA, has lately announced that it encountered a cyberattack that was noticed on February 12, 2022. […]
$50,000 Civil Monetary Penalty Paid by Dental Practice for Social Media HIPAA Violation OCR investigated Dr. U. Phillip Igbinadolor, D.M.D. & Associates, P.A., (UPI), dental practice managing offices in Monroe and Charlotte, NC after a […]
Horizon Actuarial Services and the Clinic of North Texas have just announced breaches of the protected health information (PHI) of patients and plan members. Data Theft and Extortion Incident at Horizon Actuarial Services Horizon Actuarial […]
Two bipartisan senators introduced a new bill that aspires to enhance the cybersecurity of the healthcare and public health (HPH) industry, in consideration of the current White House alert about the growing danger of Russian […]
The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has published its 2021 Internet Crime Report, which shows that critical infrastructure organizations had about 649 ransomware attacks between June 2021 and December 2021. […]
Present Biden has released an alert regarding the growing threat of cyberattacks conducted by Russian state-sponsored hackers due to the economic sanctions enforced on the country as a reply to the attack on Ukraine. President […]
For the 3rd consecutive month, there is a decrease in the number of data breaches submitted to the HHS’ Office for Civil Rights (OCR). February had 46 healthcare data breaches involving 500 and up records […]
A woman was sentenced to 15 months imprisonment for being involved in a plan to defraud patients of a medical clinic based in Metairie, LA. In 2015, three persons were captured in association with the […]
The U.S. Department of Justice (DOJ) has reported the settlement agreed with the healthcare services company, Comprehensive Health Services (CHS) located in Cape Canaveral, FL to resolve alleged False Claims Act violations. This is the […]
South Denver Cardiology Associates (SDCA) has recently stated that it encountered a cyberattack last January 2022 that resulted in the access and potential theft of files comprising patient information by attackers. Unusual network activity was […]
Logan Health and subsidiary, sister, and related entities are facing legal action because of a data breach that happened in 2021 and impacted 213,543 patients of Logan Health Medical Center. Law firm Heenan & Cook […]
Duncan Regional Hospital Duncan Regional Hospital based in Oklahoma has reported that cybercriminals acquired access to its networks and possibly exfiltrated sensitive data of patient and employees. The hospital detected the breach on January 20, […]
Bible Fellowship Church Homes, Inc. doing business as Fellowship Community based in Whitehall, PA, has just announced a cyberattack it discovered on August 6, 2021. Digital forensics specialists investigated the incident and confirmed that unauthorized […]
Monongalia Health System (Mon Health) based in West Virginia has reported a cyberattack that resulted in the exposure of the patient, worker, and contractor information. This is the second big data breach reported by the […]
The healthcare field has been greatly attacked by ransomware gangs and victims frequently consider paying the ransom as the best solution to make certain a speedy recovery, however, the payment won’t always stop the extortion. […]
The HIPAA violation reporting process is different for different organizations because of differences in policies and procedures, and the process for sending violations reports to HHS´ Office for Civil Rights differs based on the nature […]
Jax Spine & Pain Centers Jax Spine and Pain Centers based in Jacksonville, FL has recently reported that it encountered a ransomware attack that happened on January 24, 2022. The attack was performed on an […]
The Houston Health Department has recently announced the exposure of personal information and COVID-19 test results of 10,291 people online due to a technical issue with its website. The problem enabled around 3,500 portal users […]
Two HIPAA-regulated entities have lately begun sending notifications to individuals whose protected health information (PHI) was possibly compromised in cyberattacks that happened more than a year ago. One entity took 18 months to alert affected […]
Logan Health Medical Center located in Kalispell, MT has lately begun sending notifications to some patients that hackers obtained access to a file server that stored patient data in a highly advanced criminal attack. The […]
The National Cybersecurity Center of Excellence (NCCoE) has released the NIST guidance final version on Securing Telehealth Remote Patient Monitoring Ecosystem (SP 1800-30). Healthcare delivery companies have been using more telehealth and remote patient monitoring […]
Sea Mar Community Health Centers located in Seattle, WA is confronted with a class-action lawsuit because of a cyberattack that led to the exposure of the protected health information (PHI) of 688,000 persons. The breach […]
The U.S. District Court for the Western District of New York has suggested the dismissal of a class action data breach suit against Practicefirst Medical Management Solutions regarding a ransomware attack in 2020. Medical management […]
Healthcare privacy regulations in the United States must be updated to bring them into the current age to make sure individually identifiable health information is secured regardless of how it is gathered and shared. The […]
Morley Companies based in Saignaw, MI has lately reported that it encountered a cyberattack that began on August 1, 2021, resulting in the inability to access data from its data systems. The business services provider […]
CaptureRx has offered to pay $4.75 million to resolve claims associated with a 2021 data breach that impacted roughly 2.4 million patients of its healthcare company customers. CaptureRx is a medical care administrative service company […]
Cross Timbers Health Clinics located in Brownwood, Texas, doing business with the brand AccelHealth, encountered a ransomware attack last December 15, 2021, which kept the Federally Qualified Health Center from obtaining access to a number […]
The Rhode Island Attorney General is conducting an investigation involving the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare because of a cyberattack and security breach that allowed hackers to access RIPTA’s system that held […]
The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has published a report giving information about the Conti ransomware attack on the Health Service Executive (HSE) in Ireland last May 2021, as well as guidance for […]
Suncoast Skin Solutions, a network composed of 22 surgical, medical, and cosmetic dermatological care clinics based in Florida, recently began sending notifications to 57,730 patients regarding a ransomware attack it discovered on July 14, 2021. […]
Ransomware gangs are increasingly taking advantage of unpatched vulnerabilities in software applications and operating systems to acquire access to company networks, and they are adopting zero-day vulnerabilities quickly. Unpatched vulnerabilities are currently the major attack […]
In September 2021, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) released a notification warning the health industry concerning a higher threat associated with BlackMatter ransomware attacks. A couple of […]
It is crucial for nursing students to be familiar with the HIPAA guidelines since nursing students perform a role in providing healthcare. When nursing students do not have enough training in HIPAA compliance, the privacy […]
The HIPAA Breach Notification Rule requires the sending of data breach notification to the Secretary of the HHS “without unnecessary delay” and not later than 60 days after the discovery date of a data breach. […]
Advocates Inc based in Massachusetts., a nonprofit provider of support services for persons suffering from life challenges like autism, addiction, brain injury, intellectual disabilities, mental health, and behavioral health, has announced it recently encountered a […]
A wrong configuration of an internal website portal used by a Florida county drug screening laboratory exposed sensitive data on the internet for over four years. St. Lucie County’s drug screening lab (SLC Lab) offers […]
New York Attorney General Letitia James announced the first settlement deal of 2022 over a healthcare data breach. The vision benefits provider based in Ohio, Med Vision Care, is going to pay $600,000 as a […]
A current study by Cynerio, a healthcare IoT security platform provider, has uncovered that 53% of connected medical devices and other healthcare IoT devices have no less than one unaddressed critical vulnerability that can possibly […]
The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to all companies in America to take prompt action to get ready for attempted cyberattacks using a new wiper malware employed in targeted […]
An $18.4 million settlement has been reached to resolve a class-action lawsuit filed against Mass General Brigham in relation to the usage of site analytics tools, cookies, pixels, and related technologies on a number of […]
In December 2021, there were 56 data breaches involving 500 and up healthcare records reported to the HHS’ Office for Civil Rights (OCR), which showed a 17.64% drop compared to the past month. In 2021, […]
Jefferson Surgical Clinic based in Roanoke, VA has started alerting patients concerning the potential compromise of some of their protected health information (PHI) due to a cyberattack that was uncovered on June 5, 2021. Based […]
The tech firm Accellion in Palo Alto, CA made a proposal for an $8.1 million settlement to take care of a class action data breach suit that was filed on behalf of affected individuals of […]
The digital pharmacy and health app developer Ravkoo based in Auburndale, FL has started sending notification letters to a number of patients regarding an unauthorized individual who viewed and potentially stole some of their sensitive […]
The Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) have given a joint alert to caution about the danger of Russian cyberattacks on critical infrastructures, […]
In 2019, it was scary to have over 1 healthcare data breach report daily. In 2021, certain months had over two healthcare data breaches per day. With data breaches occurring so often and ransomware attacks […]
Anthem Inc. has notified 2,003 members that an unauthorized individual potentially viewed or obtained some of their protected health information (PHI) after gaining access to the network of one of its business associates. Anthem works […]
A specialty pharmacy based in Florida is dealing with a class-action lawsuit concerning an October 2021 cyberattack that resulted in the stealing of the personally identifiable information (PII) and protected health information (PHI) of around […]
Fertility Centers of Illinois (FCI) has lately advised 79,943 present and past patients concerning unauthorized persons that may have accessed or acquired some of their protected health information (PHI). FCI found suspicious system activity last […]
The Rhode Island Public Transit Authority (RIPTA) has just informed the Department of Health and Human Services’ Office for Civil Rights regarding a data breach that affected the protected health information (PHI) of 5,015 individuals […]
Some of the major healthcare data breaches of 2021 are the worst in history. This post summarizes the major data breaches reported in 2021. The Department of Health and Human Services’ Office for Civil Rights’ […]
Saltzer Health based in Nampa, Idaho has begun informing a number of patients regarding the exposure of their protected health information (PHI) due to an email account breach, which was discovered on June 1, 2021. […]
If a covered entity or business associate fails in complying with HIPAA rules, OCR is authorized to impose fines for HIPAA noncompliance – whether there’s no PHI breach or complaint. Following a great deal of […]
The gastroenterology healthcare provider based in Bradenton, FL called Florida Digestive Health Specialists (FDHS) has lately begun informing over 212,000 patients regarding the exposure of some of their protected health information (PHI) in a cyberattack […]
There is a 15.25% increase (compared to October) in the number of healthcare data breaches reported to the HHS’ Office for Civil Rights. November had 68 data breaches involving 500 and up records reported. For […]
A class-action lawsuit was filed versus San Juan Regional Medical Center in Farmington, New Mexico in relation to a reported data breach last June 2021. According to the breach investigation, there was an unauthorized individual […]
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued new guidance to discuss how the HIPAA Privacy Rule is applicable to disclosures of protected health information (PHI) to support applications […]
Eduro Healthcare in Salt Lake City, UT has advised 8,059 individuals regarding the potential exposure of their PHI. In March 2021, the healthcare company found suspicious activity in its network and took quick action to […]
Texas Ear, Nose & Throat Specialists P.A. (Texas ENT Specialists) recently suffered a cyberattack that was discovered on October 19, 2021. The moment the attack was identified, immediate action was done to avoid further access […]
The number of healthcare organizations affected by the latest ransomware attack on Kronos has been increasing in the past few days. 7 healthcare companies have now reported that they have been impacted by the attack. […]
The accountancy company Bansley and Kiener LLP based in Chicago, IL has announced that it encountered a ransomware attack in December 2020 that resulted in the encryption of certain files within its systems. The attack […]
On July 11, 2021, the Oregon Anesthesiology Group found out that it encountered a ransomware attack that resulted in the encryption of files on its systems and preventing access to its servers and patient data. […]
A maximum-severity vulnerability was discovered in Apache Log4j, which is an open-source logging library based in Java. It is utilized by a lot of organizations in their business programs and by numerous cloud solutions. The […]
A number of Hillrom Welch Allyn Cardio products had been found to have a high severity vulnerability that permits an attacker to access accounts without using a password. The vulnerability involves an authentication bypass problem […]
SonicWall has launched a new software program for its Secure Mobile Access (SMA) 100 series remote access appliances that correct 8 vulnerabilities which include 2 critical and 4 high-severity vulnerabilities. Threat actors are exploiting vulnerabilities […]
Three healthcare providers have lately announced security breaches affecting the email accounts of workers. The incidents potentially led to the compromise and possible theft of the protected health information (PHI) of over 40,000 people. Saltzer […]
The Health Information Sharing and Analysis Center (Health-ISAC) has released guidance for Chief Information Security Officers (CISOs) on adopting an identity-centric strategy to enable safe and quick access to patient information to satisfy the interoperability, […]
The Department of Health and Human Services made an announcement about its new website that provides guidance and resources to assist the medical care and public health industry to offset cybersecurity threats. The website was developed […]
Legal action was filed against Quest Diagnostics and ReproSource Fertility Diagnostics, its subsidiary, in the US District Court for the District of Massachusetts because of a ransomware attack in August 2021 that impacted 350,000 individuals. […]
Mental health clinic NorthCare based in Oklahoma City, OK encountered a ransomware attack in June 2021 that led to the exposure of the protected health information (PHI) of patients. NorthCare learned about the suspicious activity […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance for businesses to help them protect mobile devices and safely access company resources utilizing mobile gadgets. The Enterprise Mobility Management (EMM) system checklist was […]
Upstate Homecare, Consociate Health and Sarasota MRI, and have lately informed regulators and patients concerning security incidents relating to their personal data and protected health information (PHI). Upstate Homecare Informs 5,100 Patients Concerning Ransomware Attack […]
A former staff of Huntington Hospital located in New York is confronted with a criminal HIPAA violation case related to the unauthorized accessing of health records of 13,000 patients. The night shift hospital staff impermissibly […]
The Department of Health and Human Services’ Office for Civil Rights received 59 healthcare data breach reports involving 500 or higher records in October. The number of healthcare breaches in October is 25.5% higher than […]
The health insurance agency True Health New Mexico based in Albuquerque, NM began informing a number of health plan members regarding the exposure and possible theft of protected health information (PHI). True Health New Mexico […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have cautioned companies in the United States regarding the greater risk of cyberattacks during the Thanksgiving period. Cyber threat actors are […]
University Hospital Newark (NY) reported that a former hospital employee acquired the protected health information (PHI) of thousands of patients by accessing the records without authorized consent for a one-year period. That information was later […]
Orthopedic practice Lakeshore Bone & Joint Institute based in Indiana, has encountered a breach that affected its Microsoft Office 365 environment, including emails and file attachments that store the protected health information (PHI) of some […]
The protected health information (PHI) of 1,271,642 people was exposed and possibly stolen in two healthcare hacking incidents that were recently reported to the Department of Health and Human Services’ Office for Civil Rights. PHI […]
The New Jersey Attorney General has allowed a $130,000 settlement with two printing companies to resolve affirmed violations of the New Jersey Consumer Fraud Act (CFA) and Health Insurance Portability and Accountability Act (HIPAA) that […]
Southern Ohio Medical Center (SOMC) in Portsmouth, OH, is recouping from a cyberattack that happened on November 11, 2021. Because of the cyberattack, the hospital had to go on diversion and reroute ambulances to alternative […]
The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has released a threat alert for the healthcare sector regarding cyber threat actors using the Cobalt Strike penetration testing tool. Cobalt Strike is a potent red team […]
8,412 Patients’ PHI Potentially Exposed Due to Surecare Specialty Pharmacy Ransomware Attack Surecare Specialty Pharmacy based in El Paso, TX has lately reported that it had suffered a sophisticated ransomware attack last August 16, 2021. […]
Two vulnerabilities with high severity scores were discovered in the Philips Tasy EMR that may result in the extraction of sensitive patient information from the database. An attacker can exploit the vulnerabilities remotely. There’s a […]
Seneca Family of Agencies located in California, a provider of education, juvenile justice, mental health, placement, and permanency services, discovered unauthorized activity in its computer systems on August 27, 2021. The action was promptly undertaken […]
Family of Woodstock (FOW), a New York provider of crisis intervention, information, prevention, and support services, has experienced a cyberattack that resulted in the potential compromise of the protected health information (PHI) of 8,214 people. […]
A federal judge has decided to favor the University of Mississippi Medical Center (UMMC) in a case of unauthorized access and data theft versus three ex-workers. UMMC filed a lawsuit against Dr. Spencer Sullivan as […]
Hallettsville, Texas’ critical access hospital Lavaca Medical Center, has begun informing 48,705 individuals regarding a security breach wherein their protected health information (PHI) was exposed. Lavaca Medical Center stated it detected abnormal activity in its […]
A new study has shown prevalent security problems at healthcare companies, which include bad access controls, few limitations on access to protected health information (PHI), and bad password practices, which put sensitive information in danger. […]
When a federal agency gives healthcare services, there may be situations in which workers must go through both HIPAA and Privacy Act training. Furthermore, as a growing number of states enact their own privacy regulations, […]
Syracuse ASC, doing business as Specialty Surgery Center of Central New York, has begun informing 24,891 patients regarding unauthorized individuals who got access to its computer network and potentially viewed some of their protected health […]
B. Braun has introduced software updates to resolve five vulnerabilities identified in Infusomat Space and Perfusor Space Infusion Pumps. An attacker with low-level skill can exploit the vulnerabilities remotely. In North America, the vulnerabilities have […]
Johnson Memorial Health has submitted a report concerning a ransomware attack that occurred on October 1, 2021, which resulted in files encryption of files that affected its IT systems. Emergency procedures were easily followed and […]
In September, there was a 23.7% more month-over-month reported cases of healthcare data breaches. The Department of Health and Human Services’ Office for Civil Rights received 47 data breach reports involving 500 and up records. […]
University Hospital Newark (NY) has found out that an ex-worker had accessed the protected health information(PHI) of many patients with no permission over the span of one year. That information was then shared with other […]
Professional Dental Alliance, an organization of dental practices associated with the North American Dental Group, informed its patients that an unauthorized person accessed some of their protected health information (PHI) kept in email accounts from […]
Around 27,500 people are being advised regarding the theft of some of their personal data when the American Osteopathic Association (AOA) encountered a cyberattack. AOA is a professional organization based in Chicago that represents approximately […]
Password managers for MSPs are used for securing the credentials of a business or client. Passwords are stored in a secure user vault. Every time a user goes to a website for which he/she has […]
Premier Patient Health Care based in Carrollton, TX has found out that an unauthorized individual had obtained the protected health information (PHI) of 37,636 patients in an insider data breach incident. Premier Patient Health Care […]
ReproSource Fertility Diagnostics based in Malborough, MA has encountered a ransomware attack that allowed hackers to get access to networks holding the protected health information (PHI) of roughly 350,000 patients. ReproSource is a top reproductive […]
A previous patient of Northwestern Memorial HealthCare (NMHC) filed a lawsuit against Elekta Inc. regarding its ransomware attack and security breach last April 2021. Many U.S. healthcare providers are business associates with Elekta, a Swedish […]
Eskenazi Health based in Indianapolis, IN reported a ransomware attack that was discovered on or approximately August 4, 2021. The IT team noticed suspicious activity and promptly de-activated systems to control the attack. Emergency procedures […]
Californian healthcare provider San Diego Health is facing multiple class-action lawsuits over a data breach impacting the protected health information (PHI) of 496,949 patients. San Diego Health discovered suspicious activity in the email accounts of […]
Entities governed by the Health Insurance Portability and Accountability Act (HIPAA) have to give their employees security awareness training, however, a new report indicates that training is missing at a lot of HIPAA-governed entities. KnowBe4, […]
Navistar Inc. based in Lisle, IL has sent more notification letters to persons impacted by a security breach that was discovered on May 20, 2021. The American truck maker straight away enforced its cybersecurity response […]
PHI of Up to 3,634 Individuals Exposed at Vista Radiology Ransomware Attack Vista Radiology located in Knoxville, TN has informed 3,634 patients regarding a ransomware attack encountered on July 11, 2021 which resulted in the […]
The Vice Society ransomware group states to have carried out a ransomware attack on United Health Centers of San Joaquin Valley, a healthcare provider in California. United Health Centers manages over 20 community health centers […]
Eastern Los Angeles Regional Center learned that an unauthorized person had accessed the email account of one of its employees. On July 15, 2021, the center noticed suspicious activity in the email account and performed […]
Family Medical Center of Michigan (FMC) located in Temperance, MI has advised 21,988 patients regarding a July 2020 ransomware attack that resulted in the potential compromise of their protected health information (PHI). FMC stated that […]
August 2021 had 44% less number of reported healthcare data breaches. Healthcare providers, health plans, and their business associates reported 38 healthcare data breaches involving 500 or more records. Including August’s reported data breaches, the […]
The Alaska Department of Health and Social Services (DHSS) is about to begin mailing notification letters to all people in the state to let them know about the potential compromise of their personal and health […]
Austin Cancer Centers is notifying 36,503 patients regarding the compromise of some of their protected health information (PHI) because of a security incident identified on August 4, 2021. Unauthorized people were learned to have acquired […]
California’s Department of State Hospitals – Coalinga (DSH-C) has informed 1,738 patients about the impermissible disclosure of some of their protected health information (PHI) by a DSH-C employee. The United States District Court, Eastern District […]
Creators of health applications and wearable devices like fitness trackers that get health information received a warning from the Federal Trade Commission (FTC) that they must abide by the FTC Health Breach Notification Rule and […]
The protected health information (PHI) of 116,898 patients of HealthReach Community Health Centers based in Waterville, MA was exposed and possibly compromised. HealthReach Community Health Centers manages 11 community health centers located in Western and […]
Two DuPage Medical Group patients are taking legal action against the healthcare provider right after a July 2021 ransomware attack through which patients’ protected health information (PHI) was compromised. DuPage Medical Group experienced the ransomware […]
On June 25, 2021, Mental health service provider Wedge Recovery Centers based in Philadelphia, Pennsylvania, found suspicious activity in its computer network that suggested unauthorized persons had accessed its systems. The provider immediately took steps […]
Denton County in Texas has identified a vulnerability in a third-party provider software utilized in association with the personal health information (PHI) of individuals that was possibly exploited by unauthorized people. The software was utilized […]
The Cybersecurity and Infrastructure Security Agency (CISA) has refreshed its listing of cybersecurity bad practices that should be eliminated. Cyber threat actors frequently carry out highly sophisticated attacks to obtain access to internal systems and […]
New research of breach reports sent to the Department of Health and Human Services’ Office for Civil Rights has shown that outpatient facilities and specialty clinics were attacked by cyber threat actors more often than […]
Atlanta Allergy & Asthma has begun sending notifications to 9,851 patients regarding a January 2021 cyberattack whereby their protected health information (PHI) was exposed and possibly breached. Atlanta Allergy & Asthma stated its investigation into […]
San Andreas Regional Center located in San Jose, CA has begun informing patients regarding the potential compromise of their PHI in a ransomware attack in July 2021. On July 5, its systems and servers were […]
Metro Infectious Disease Consultants is informing 171,740 patients concerning an email security incident uncovered on June 24, 2021. An unauthorized person had acquired access to some employees’ email accounts which included the protected health information […]
HIPAA-covered entities and their business associates are still reporting big numbers of healthcare data breaches. July had 70 reported data breaches involving at least 500 records, which means having 2 or more data breaches reported […]
South Florida Community Care Plan has learned that an ex-employee mailed to a personal email account the internal documents that contain the protected health information (PHI) of plan members. The breach was identified on June […]
St. Joseph’s/Candler (SJ/C) hospital system located in Savannah, GA had been attacked by ransomware on June 17, 2021 at approximately 4 a.m. After becoming aware of the suspicious activity in its system, SJ/C quickly worked […]
At the beginning of August, a hacker contacted Dissent of DataBreaches.net and professed to have acquired access to the systems of an HVAC vendor and the systems of its customers, such as Boston Children’s Hospital. […]
The personal information of 750,000 Hoosiers gathered together with a COVID-19 contact tracing survey performed by the Indiana Department of Health was exposed on the internet and downloaded by an organization not allowed to get […]
Ransomware attacks on hospitals can result in massive financial deficits, just like what the Ryuk ransomware attack did on Universal Health Services. UHS is one of the biggest healthcare companies in America and runs 26 […]
USA Waste-Management Resources, LLC has begun informing a number of employees, ex-employees, and dependents covered by its self-managed health plan regarding the potential compromise of some of their personal data and protected health information (PHI) […]
The email accounts of some employees of Children’s Hospital of The King’s Daughters (CHKD) based in Norfolk, VA were compromised in a phishing attack. CHKD stated in its August 10, 2021 breach notification that the […]
The Journal of the American Medical Informatics Association (JAMIA) published a recent study that sought to determine the connection of cybersecurity risk ratings to healthcare data breaches. The study was carried out utilizing hospital cybersecurity […]
NCH Corporation based in Irving, TX, a global marketer of maintenance products, submitted a report concerning an alleged ransomware attack. The company detected suspicious network activity inside its networks on March 5, 2021, that made […]
Ransomware attacks have gone up considerably in the last 12 months, nevertheless, phishing attacks still bring about problems for companies, based on a recent survey done by Arlington Research together with security company Egress. Nearly […]
Nine critical vulnerabilities were found in the Swisslog Healthcare Translogic Pneumatic Tube System (PTS) stations’ Nexus Control Panel, which are utilized in over 80% of big hospitals in the U.S.A. Pneumatic tube systems are employed […]
Kubernetes is a well-known open-source cloud tool for deploying and running containerized applications. Lately, there were a number of security breaches that allowed hackers to get access to badly secured Kubernetes accounts to steal sensitive […]
Harris County in Texas has uncovered that the personal and health information (PHI) of thousands of people were exposed on the internet. It is likely that unauthorized individuals may have accessed this data. Under Harris […]
The U.S. Department of Justice reported that a federal court in the Eastern District of Texas has sentenced a Texas lady to serve 30 months in federal prison for committing a conspiracy to acquire protected […]
Based on the newest report from ransomware incident response firm Coveware, there is a 38% decline in the average ransom payment made by victims of ransomware attacks between Q1 and Q2, 2021. Q2’s average ransom […]
2020 was notably bad for the healthcare sector considering the record numbers of reported data breaches. Ransomware was a big threat. Emsisoft identified 560 ransomware attacks on healthcare companies last 2020. According to Comparitech, the […]
The Cancer Center at Greenwood Leflore Hospital (CCGLH) in Mississippi informed its patients about the Elekta ransomware attack as a preventative measure to avert identity theft and fraud. Elekta notified CCGLH on May 17 regarding […]
The Nebraska Department of Health and Human Services has made an announcement about a security incident that involved the protected health information (PHI) of clients of Aging Partners, a department of the City of Lincoln. […]
Oklahoma Heart Hospital has begun informing a number of patients regarding a privacy incident wherein paperwork that contains some patient data was unintentionally contributed to charity. A former worker had written notes by hand that […]
For three successive months, there has been an increase in the number of reported healthcare data breaches involving at least 500 records. June had 70 data breaches involving at least 500 records reported to the […]
University Medical Center of Southern Nevada (UMC) has encountered a ransomware attack and had patient data stolen. The medical center said it identified suspicious activity within the hospital system in mid-June and had taken fast […]
Another three healthcare providers made an announcement that they were affected by the recent ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery solution provider. Elekta has a cloud-based mobile app known as […]
Sierra Nevada Primary Care Physicians based in California is notifying 1,717 patients regarding an incident that resulted in the stealing of selected protected health information (PHI), which includes names and credit card details. The District […]
The protected health information (PHI) of around 30,063 Florida Blue (Blue Shield of Florida and Blue Cross) members might have been seen or acquired during a brute force attack on the online member portal of […]
Like California and Virginia, Colorado has passed a comprehensive data privacy law to protect state locals. There were several amendments made before the Colorado Privacy Act went over the line. The state Senate finally passed […]
The pharmacy and supermarket company Kroger has offered to pay $5 million to settle lawsuits which the victims of a data breach filed because their personal data and protected health information (PHI) were exposed. Kroger […]
Coastal Family Health Center (CFHC), the fourth biggest community health center based in Mississippi, has begun informing patients regarding a May 13, 2021 cyberattack that compromised some of their protected health information (PHI). CFHC stated […]
According to a new NBC4 Investigates Report, a breach of the Ohio State University’s (OSU) pilot program that assists veterans to recuperate from Post Traumatic Stress Disorder (PTSD) and other psychological health problems led ot […]
Two former patients filed a class-action lawsuit against BJC HealthCare in relation to an email data breach in March 2020, but the lawsuit has made it through two motions to dismiss. Bradley Dean Taylor and […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool that organizations can use to evaluate how effectively they are prepared to protect against and recuperate from a ransomware attack. The threat […]
The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has released a new information that details cybersecurity bad practices, which are extremely harmful and considerably increase threat to critical infrastructure. There are a lot of publicized […]
Five Rivers Health Centers located in Ohio has advised 155,748 patients regarding the unauthorized access to some of their protected health information (PHI) contained in email accounts as a consequence of a phishing attack. There […]
The Government Accountability Office has released a report right after an evaluation of the organizational strategy to the U.S. Department of Health and Human Services (HHS)cybersecurity. The study was done because both the HHS and […]
An ex-employee of Aultman Health Foundation viewed 7,300 patient information with no permission for nearly 12 years prior to the discovery of the HIPAA violation. The employee was given access to patient information to carry […]
Scripps Health in San Diego is looking at several class-action lawsuits due to a ransomware attack on April 29, 2021 that affected 147,267 people. As a result of the attack, the 5-hospital healthcare system needed […]
In October 2020, Mayo Clinic reported that a former employee was found to have committed impermissible access to the health records of roughly 1,600 patients. Based on a statement released by the Mayo Clinic, the […]
The National Institute of Standards and Technology (NIST) has published a draft Cybersecurity Framework Profile for Ransomware Risk Management to be able to guide organizations avoid, respond and recuperate from ransomware attacks. The Ransomware Profile […]
A bipartisan group of senators has brought in a federal data breach notification bill- the Cyber Incident Notification Act of 2021 – that calls for all federal organizations, contractors, and firms that have supervision over […]
May was 2021’s worst month thus far in terms of healthcare data breaches. The Department of Health and Human Services’ Office for Civil Rights recorded 63 breaches involving 500 or more records in May. For […]
South Texas Health System has informed 6,761 regarding some of their protected health information (PHI) that had been accidentally disclosed. South Texas Health System offers discharge directions following patients are given medical care in its […]
The Connecticut legislature has improved its data breach notification rule, extending the definition of personal information and reducing the maximum period of time for providing breach notices. The new legislation brings the data breach notification […]
A cyberattack on Service Employees International Union 775 (SEIU 775) Benefits Group, which is a benefits manager for home healthcare and nursing home employees, resulted in the removal of sensitive information. IT employees discovered issues […]
The Chief Operating Officer of an IT security agency is facing a lawsuit due to a financially driven cyberattack on Gwinnett Medical Center based in Lawrenceville, GA last September 2018. Vikas Singla, aged 45, of […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a security alert concerning 6 vulnerabilities identified in the ZOLL Defibrillator Dashboard, which include a remote code execution vulnerability with critical 9.9 severity. An anonymous person […]
The health insurance and healthcare provider Humana in Louisville, KY and its business associate Cotiviti are confronted with legal action due to a data breach identified in late December 2020. On May 26, 2021, a […]
In September 2020, Nebraska Medicine and the University of Nebraska Medical Center found out that their systems were hacked and downloaded with malware allowing the hackers access to the protected health information (PHI) of approximately […]
The National Institute of Standards and Technology (NIST) has posted its latest report about the usage of biometric authentication on cellular devices to permit first responders to obtain quick access to sensitive information, at the […]
Attleboro, MA-based Sturdy Memorial Hospital is notifying 57,379 patients regarding a computer security incident that happened on February 9, 2021 whereby patient data was compromised. In accordance with the breach notice issued by the hospital, […]
The HHS’ Office for Civil Rights has reached a settlement with The Diabetes, Endocrinology & Lipidology Center, Inc. (DELC) to resolve a potential violation of the HIPAA Right of Access. This is OCR’s 8th financial […]
The Federal Bureau of Investigation (FBI) has given a Flash Notification cautioning Fortinet Fortigate appliances end users that Advanced Persistent Threat (APT) groups are planning to target devices that haven’t been patched for three vulnerabilities: […]
Microsoft has found a huge spear-phishing campaign executed by the Russian Advanced Persistent Threat (APT) group, which is responsible for the SolarWinds Orion supply chain attack. Since January 2021, Microsoft has tracked the APT group […]
RMcKinley Christian Health Care Services (RMCHCS) in Gallup, NM submitted a report regarding a ransomware attack in February 2021 that resulted in patient data exfiltration. The attack in February conducted by the Conti ransomware gang […]
CareSouth Carolina based in Hartsville, SC has informed 76,035 patients regarding the likely exposure of some of their protected health information (PHI) because of a ransomware attack on Netgain Technologies, its IT service provider. Netgain […]
ZocDoc based in New York, which provides a platform that allows potential patients to schedule meetings with doctors and dentists, has found an issue in its software program that permitted patient information to be seen […]
There has been a great deal of uncertainty regarding the case of inquiring somebody if they have gotten a COVID-19 vaccine. Does it constitute a HIPAA violation, particularly with regards to employers asking their staff […]
Health Plan of San Joaquin (HPSJ), which is a non-profit provider of Medi-Cal managed care located in French Camp, CA, found out that an unauthorized person has acquired access to its email system and possibly […]
A number of healthcare organizations have shown concern concerning the HIPAA Privacy Rule modifications recommended by the Department of Health and Human Services (HHS) last December 2020 and publicized in the Federal Register last January. […]
New England Dermatology has begun informing 58,106 patients regarding the compromise of some of their protected health information (PHI). In a breach notice last April 30, 2021, New England Dermatology stated that its in-house pathology […]
© Copyright 2003 to 2024 calHIPAA