healthcare
-
Blog
Healthcare organizations need to shake up email security practices
Microsoft 365 is the source of almost half of all healthcare email breaches, thanks mainly to misconfigurations in security settings. According to Paubox’s 2025 Healthcare Email Security Report, email is the main attack vector in the sector, with Microsoft 365 accounting for 43% of all breaches. Proofpoint was next, at 13%, followed by Barracuda Networks and Mimecast at 7%, and…
Read More » -
Blog
More than 300,000 US healthcare patients impacted in suspected Rhysida cyber attacks
Two US healthcare organizations have warned threat actors were able to breach their internal systems, exposing more than 300,000 individuals. On 7 March 2025, Kansas-based healthcare provider Sunflower Medical Group published an alert stating that over 220,000 patients had their personally identifiable information (PII) accessed in a data breach. An advisory published by the firm revealed it discovered suspicious activity…
Read More » -
Blog
US healthcare org pays $11M settlement over alleged cybersecurity lapses
Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE contract. The U.S. government contracted HNFS to provide managed healthcare support services for TRICARE’s North region, covering 22 states. The contract required compliance with cybersecurity standards,…
Read More » -
Blog
New NailaoLocker ransomware used against EU healthcare orgs
A previously undocumented ransomware payload named NailaoLocker has been spotted in attacks targeting European healthcare organizations between June and October 2024. The attacks exploited CVE-2024-24919, a Check Point Security Gateway vulnerability, to gain access to targeted networks and deploy the ShadowPad and PlugX malware, two families tightly associated with Chinese state-sponsored threat groups. Orange Cyberdefense CERT links the attacks to Chinese…
Read More » -
Blog
Another Healthcare Data Breach Compromised a Million Patients’ Information
Credit: Dolores M. Harvey/Shutterstock The healthcare sector is one of the most common targets for hackers and cyber criminals, and yet another data breach has put the personal data of more than a million patients at risk. Community Health Center (CHC), a nonprofit healthcare provider in Connecticut, has disclosed that hackers gained access to its system in October and stole…
Read More » -
Blog
US healthcare provider data breach impacts 1 million patients
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown attackers gained access to its…
Read More » -
Blog
US healthcare provider data breach impacts 1 million patients
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown attackers gained access to its…
Read More » -
Blog
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. CISA learned of the malicious behavior from an external researcher who disclosed the vulnerability to the agency. When CISA…
Read More » -
Blog
UnitedHealth reveals 190 million US citizens were impacted by the Change Healthcare breach
UnitedHealth has confirmed that the total number of customers impacted by last year’s Change Healthcare breach is far higher than previously thought. 190 million US citizens are now expected to have been impacted by the attack, equivalent to well over half of the US population. Previous estimates suggested that the total victims represented a third of the population. “The vast…
Read More » -
Blog
US government plans overhaul of security standards for healthcare industry
The US Department of Health and Human Services (HHS) has proposed extensive modifications to existing standards governing how healthcare information is stored and protected in the region. Set to be published in the Federal Register on 6 January, the changes set out by the HHS would impact the ‘security rule’ of the Health Insurance Portability and Accountability Act (HIPAA). The…
Read More »