Threat Groups Still Target COVID-19 Vaccine Cold Chain
Advanced persistent threat groups continue to target the worldwide COVID-19 vaccine cold chain, based on an up-to-date IBM Security X-Force report. X-Force researchers publicized a…
Read MoreAdvanced persistent threat groups continue to target the worldwide COVID-19 vaccine cold chain, based on an up-to-date IBM Security X-Force report. X-Force researchers publicized a…
Read MoreNebraska Medicine began informing roughly 219,000 patients regarding a malware attack that permitted an unauthorized person to access and get hold of patient data. On…
Easy Healthcare Corp. based in Burr Ridge, IL is facing a lawsuit for the alleged giving of sensitive user data to third-party companies located in…
Tenable published a new report which revealed that more or less half of all healthcare data breaches are caused by ransomware attacks, and in most…
The U.S. Department of Health and Human Services has offered $20 million to enhance data sharing between health information exchanges (HIEs) and immunization information systems….
The Department of Health and Human Services’ Office for Civil Rights (OCR) resolved 19 cases of HIPAA violation in 2020. This year, OCR issued the…
The National Security Agency (NSA) has issued guidance to assist organizations in eliminating weak encryption protocols that threat actors are presently taking advantage of to…
The House Energy and Commerce Committee passed the HIPAA Safe Harbor Bill (HR 7988). The new bill is an attempt to modify the HITECH Act…
GenRx Pharmacy in Scottsdale, AZ is notifying selected patients regarding the potential compromise of their protected health information (PHI) due to a ransomware attack. The…
Cedar Springs Hospital located in Colorado Springs, CO is sending notification to a number of patients regarding the loss of a portable storage device that…
The U.S. National Security Agency (NSA) has given a cybersecurity alert regarding the campaign of Russian state-sponsored hacking groups to target a vulnerability identified in…
Four vulnerabilities were identified in the OpenClinic application, the most severe of which can allow unauthorized users to circumvent authentication and view protected health information…
A recent private industry alert from the Federal Bureau of Investigation (FBI) showed that threat actors employing Ragnar Locker ransomware have leveled up their attacks…
Office 365 users have been notified concerning the current phishing campaign that gathers user credentials. The attackers use advanced tactics to circumvent email security tools…
The TrickBot botnet is being utilized to perform a new phishing campaign that distributes the Buer loader and Bazar backdoor malware. Research experts at Area…
A ransomware attack on Cone Health in Greensboro affected just one practice, Alamance Skin Center in Burlington, NC. The attack took place in late July…
Vastaamo, a top psychotherapy service provider in Finland, has encountered a cyberattack that ended with stolen highly sensitive patient information. The attackers issued threats to…
The U.S. Department of Justice made a statement concerning the indictment of 6 Russian hackers for taking part in the 2017 NotPetya malware attacks and…
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued the 12th HIPAA penalty for this year 2020. With respect to…
Insider Breach at UMMA Community Clinic University Muslim Medical Association (UMMA) Community Clinic in Los Angeles found out that a former employee sent a secured…
Alameda Health System (AHS) based in Alameda, CA, an outpatient, inpatient, emergency, and wellness services provider within the East Bay area, discovered that an unauthorized…
The Department of Health and Human Services’ Office for Civil Rights recently reported the 10th HIPAA violation fine of 2020. The most current financial penalty…
In 2019, five pharmacies took legal action against Express Scripts for misuse of patient information, which is a HIPAA violation. Express Scripts is the leading…
JAMA published a new research article that revealed the fact that almost all websites providing COVID-19 facts have a third-party tracking code that poses a…
A bill (SB-980) that secures the Genetic Information Privacy Act was passed by the California Senate. At the moment, California Governor Gavin Newsom just has…
The Office for Civil Rights reveals many companies fail to comply with risk analysis, which is an important HIPAA Security Rule requirement. While some HIPAA-covered…
There are three vulnerabilities with low- to medium-severity discovered in Philips SureSigns VS4 vital signs monitors. An attacker could exploit the vulnerabilities and access the…
A ransomware attack on Owens Ear Center located in Fort Worth, Texas occurred on May 28, 2020 that resulted in patient information encryption. The encrypted…
Allergy and Asthma Clinic of Fort Worth has identified an unauthorized person got access to its computer networks and probably acquired the billing data of…
There is a substantial weight of proof that indicate nation-state hacking groups are focusing on organizations doing COVID-19 research and developing the vaccine to get…
The HHS’ Office for Civil Rights (OCR) stated that the Metropolitan Community Health Services has agreed to pay $25,000 to settle its HIPAA Security Rule…
Microsoft has issued a patch to fix a 17-year old wormable remote code execution vulnerability found in Windows DNS Server. The vulnerability may be taken…
Microsoft stopped a massive phishing campaign done in 62 nations. Microsoft’s Digital Crimes Unit (DCU) first recognized the phishing campaign last December 2019. The phishing…
CHI St. Luke’s Health-Memorial Lufkin in Texas sent notification letters to patients regarding the potential exposure of their protected health information (PHI). St Luke’s threat…
Landmark Hospital of Athens located in Georgia suspended three staff members who are alleged of viewing, copying or exposing patient records. The likely HIPAA breach…
There were 19 zero-day vulnerabilities found in the TCP/IP communication software library which Treck Inc. created. Billions of interconnected gadgets spanning almost all industries, this…
The Commonwealth of Kentucky Personnel Cabinet submitted a report on two data breaches which happened in late April and in May. The attacks resulted in…
The healthcare provider Aveanna Healthcare centered in Atlanta, GA is charged with a class action case because of a data breach that happened last summer…
The 2020 Verizon Data Breach Investigations Report reveals that malware attacks are decreasing while hackers target information saved in the online. Verizon has been publishing…
The Indiana Court of Appeals reinstated the respondeat superior claim of Haley SoderVick who filed a legal case on Parkview Health System Inc. after a…
Santa Rosa & Rohnert Park Oral Surgery on Portland, OR found out that an unauthorized individual got access to an employee’s email account. The provider…
Ann & Robert H. Lurie Children’s Hospital of Chicago dismissed a worker for inappropriate access of the healthcare data of patients with no permission over…
The contact tracing technology that Apple and Google are developing may be invaluable in tracking individuals who have come into close contact with people confirmed…
One tool that could be used during the COVID-19 pandemic that is getting a lot of global attention in the past weeks is contact tracing…
The Federal Bureau of Investigation (FBI) has released an alert that cybercriminals are trying to steal from state institutions and healthcare sector customers that are…
INTERPOL gave a notification to hospitals about the continuous ransomware attacks throughout the 2019 Novel Coronavirus outbreak. Though a number of ransomware gangs have widely…
Phishing Attack on Tandem Diabetes Care Patients A phishing attack on Tandem Diabetes Care, Inc. in San Diego, CA resulted in the access of some…
Hawaii Pacific Health found out that an employee of Straub Medical Center in Honolulu was snooping on the healthcare records of patients for over 5…
To avoid the propagation of the coronavirus, plenty of businesses are allowing their employees to work from home. Though this measure is crucial for lessening…
HIMSS Media together with Mimecast lately publicized research that showed that for the last 12 month time period, 90% of healthcare companies have suffered no…
Walgreens began informing clients concerning the probable access of their protected health information (PHI) by other persons due to a mistake in the Walgreens mobile…
The American Medical Association (AMA) has released another HIPAA playbook to guide doctors and their practices have an understanding of the HIPAA Right of Access…
The Countrywide Institute of Standards and Technology (NIST) has published its most current draft guidance document regarding cyber supply chain risk management. The intent of…
A new Comparitech study has disclosed the magnitude of ransomware attacks on healthcare companies and their actual price on the healthcare sector. The study pointed…
Manchester Ophthalmology in Connecticut encountered a cyberattack that made it possible for attackers to get access to patient information. Employees of the eyecare provider spotted…
The cybersecurity company Proofpoint published its 2020 State of the Phish report, which revealed that 65% of companies in the U.S. (55% worldwide) had at…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an advisory regarding the rise of Emotet malware attacks lately. The first discovery of Emotet was…
To avoid critical vulnerabilities exploitation, Microsoft has introduced patches to be used on all supported Windows versions that require prompt attention. Though there’s no report…
Data breaches in the healthcare sector are occurring more frequently now than in the past. In 2019, the HHS’ Office for Civil Rights got 494…
Sinai Health System in Chicago learned about the compromise of the email accounts of two employees after they responded to phishing emails. It is not…
The Northern District of Alabama filed legal action against DCH Health System in the Western Division of U.S. District Court with regards to a ransomware…
Unauthorized people accessed the email accounts of a number of employees of Conway Medical Center based in South Carolina. Conway Medical Center detected the phishing…
A data protection authority in Germany issued to 1&1 Telecommunications one of the biggest GDPR penalties. The fine was issued to the telecommunications and hosting…
U.S. Sen. Maria Cantwell (D-Washington) has introduced a federal law providing U.S. citizens with new rights regarding their personal information. The Consumer Online Privacy Rights…
The 8th HIPAA financial penalty of 2019 has been publicized by the Department of Health and Human Services’ Office for Civil Rights (OCR). Sentara Hospitals…
The University of Rochester Medical Center (URMC) spent $3 million on payment to OCR for the HIPAA penalty over its failure to use encryption on…
The recently released Proofpoint Q3 2019 Threat Report provides information regarding the major threats in Q3 of 2019 and shows the evolving strategies, techniques, and…
A misconfiguration of the billing system of Texas Health Resources resulted in the impermissible disclosure of 82,577 of its patients’ health information. Texas Health Resources…
Premier Family Medicine is in the process of notifying 320,000 individuals that their protected health information may have been compromised following a cybersecurity incident. The…
A mailing error at Alive Hospice has resulted in breach notification letters informing patients of a May 2019 cybersecurity incident being sent to the incorrect…
A cybersecurity incident at Rhode Island Ear, Nose and Throat Physicians Inc. (RIENT) has resulted in the protected health information (PHI) of 3,000 patients being…
Adirondack Health has revealed that a cyberattack on their facility may have compromised the protected health information (PHI) of 25,000 individuals. Adirondack Health, based in…
A former employee of the University of Pittsburgh Medical Center (UPMC) has been indicted by a federal grand jury and has been sentenced to serve…
A data breach at Mercy Health has impacted nearly 1,000 patients. The non-profit healthcare system in west Michigan, discovered that some protected health information (PHI)…
Rosenbaum Dental Group has revealed that it recently suffered a malware attack which potentially compromised the protected health information (PHI) of 1,200 individuals. Rosenbaum Dental…
Oregon State Hospital is preparing to notify patients that their protected health information (PHI) may have been compromised due to an employee responding to a…
An employee email error at Independent Health has resulted in the PHI of 7,600 health plan members being compromised. Independent Health, based in Amherst, MA,…
CynergisTek has released a report which reveals that a significant number of healthcare organisations fail to comply with important pieces of healthcare legislation, including HIPAA’s…
Burrell Behavioral Health has revealed that a business associate’s error has compromised the data of 70,000 patients. The error occurred in August 2018. The business…
Maffi Clinics, Arizona, have revealed that a ransomware attack on their servers compromised the files of nearly 10,500 patients. Maffi Clinics, a network of 5…
Chicago’s Northwestern Memorial Hospital have had to fire up to 60 employees for accessing Jussie Smollett’s medical records without correct authorisation to do so. Jussie…
The University of Washington School of Medicine (UW Medicine) has announced that an IT error has resulted in the exposure of 974,000 patient data files…
Anesthesia Associates of Kansas City has announced that surgery schedules containing patient information were stolen from one of their employee’s vehicles last December. The employee,…
A warning has been issued about vulnerabilities affecting Dräger Infinity Delta patient monitoring devices. The warning was issued by Department of Homeland Security (DHS) United…
BJC HealthCare have announced that the details of nearly 6,000 credit cards were compromised following a cybersecurity incident. BJC HealthCare, based in Missouri, discovered the…
Mind & Motion Developmental Centers have revealed that they have been the victims of a ransomware attack on their servers. Mind & Motion Developmental Centers,…
A North Texas mental health services provider has announced that the sensitive files of over 1,800 patients have been compromised in a phishing attack. Metrocare…
A former IT worker at a New Jersey medical centre has been sentenced to 5 years’ probation for the theft of IT equipment that stored…
A paediatric nurse at Texas Children’s Hospital has been fired after she posted details about a toddler’s measles diagnosis on an anti-vaxxer Facebook page. Posting…
The Arc of Erie County, a non-profit agency that supports children and adults with disabilities based in Buffalo, NY, was levied a $200,000 fine by…
The protected healthcare information of nearly 20,000 children enrolled in the Missouri Medicaid Plan has been exposed due to a mailing error. The PHI was…
Legacy Health, a non-profit hospital system based in Portland, Oregon, has recently announced that approximately 38,000 of their patients have had their protected health information…