healthcare
-
Blog
US healthcare org pays $11M settlement over alleged cybersecurity lapses
Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE contract. The U.S. government contracted HNFS to provide managed healthcare support services for TRICARE’s North region, covering 22 states. The contract required compliance with cybersecurity standards,…
Read More » -
Blog
New NailaoLocker ransomware used against EU healthcare orgs
A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. The attacks exploited CVE-2024-24919, a Check Point Security Gateway vulnerability, to gain access to targeted networks and deploy the ShadowPad and PlugX malware, two families tightly associated with Chinese state-sponsored threat groups. Orange Cyberdefense CERT links the attacks to Chinese…
Read More » -
Blog
Another Healthcare Data Breach Compromised a Million Patients’ Information
Credit: Dolores M. Harvey/Shutterstock The healthcare sector is one of the most common targets for hackers and cyber criminals, and yet another data breach has put the personal data of more than a million patients at risk. Community Health Center (CHC), a nonprofit healthcare provider in Connecticut, has disclosed that hackers gained access to its system in October and stole…
Read More » -
Blog
US healthcare provider data breach impacts 1 million patients
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown attackers gained access to its…
Read More » -
Blog
US healthcare provider data breach impacts 1 million patients
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown attackers gained access to its…
Read More » -
Blog
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. CISA learned of the malicious behavior from an external researcher who disclosed the vulnerability to the agency. When CISA…
Read More » -
Blog
UnitedHealth reveals 190 million US citizens were impacted by the Change Healthcare breach
UnitedHealth has confirmed that the total number of customers impacted by last year’s Change Healthcare breach is far higher than previously thought. 190 million US citizens are now expected to have been impacted by the attack, equivalent to well over half of the US population. Previous estimates suggested that the total victims represented a third of the population. “The vast…
Read More » -
Blog
US government plans overhaul of security standards for healthcare industry
The US Department of Health and Human Services (HHS) has proposed extensive modifications to existing standards governing how healthcare information is stored and protected in the region. Set to be published in the Federal Register on 6 January, the changes set out by the HHS would impact the ‘security rule’ of the Health Insurance Portability and Accountability Act (HIPAA). The…
Read More » -
Blog
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as a final rule within 60…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/23318437/akrales_220309_4977_0292.jpg)
The US proposes rules to make healthcare data more secure
The US Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) is proposing new cybersecurity requirements for healthcare organizations aimed at protecting patients’ private data in the event of cyberattacks, reports Reuters. The rules come after major cyberattacks like one that leaked the private information of more than 100 million UnitedHealth patients earlier this year. The OCR’s…
Read More »