Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
Feature
06 Oct 2025
Securing healthcare data in preparation for a post-quantum era
A post-quantum world may seem far off, but experts say that healthcare leaders should begin planning now to ensure that health data is protected. Continue Reading
-
Feature
02 Oct 2025
Preparing EHR systems for ransomware attacks
Experts weigh in on how proactive cybersecurity planning protects your patients. Continue Reading
-
News
10 Jul 2023
CISA Warns of Truebot Activity Infecting US Networks
Cyber threat actors have been leveraging new malware variants of Truebot to exfiltrate information from targets. Continue Reading
-
News
10 Jul 2023
HSCC Releases Cybersecurity Coordinated Incident Response Template
The Health Industry Cybersecurity Coordinated Healthcare Incident Response publication provides organizations with a template for developing a thorough incident response plan. Continue Reading
-
News
07 Jul 2023
Kronos Reaches $6M Settlement Over Ransomware Attack
HR management solutions provider Kronos suffered a ransomware attack on its cloud solution in 2021 that impacted many healthcare organizations. Continue Reading
-
News
30 Jun 2023
Medtronic Discloses Cybersecurity Vulnerability in Paceart Optima System
The cybersecurity vulnerability in Medtronic’s Paceart Optima system may result in remote code execution or a denial-of-service condition. Continue Reading
-
News
29 Jun 2023
Healthcare Organizations Increase IT Budgets As Cybersecurity Concerns Rise
As healthcare organizations continue to focus on digital transformation, IT budgets are steadily increasing to reflect cybersecurity challenges and cloud deployment goals. Continue Reading
-
News
28 Jun 2023
SEO Poisoning Attacks Increase Across Healthcare
Threat actors have been leveraging search engine optimization (SEO) poisoning tactics to trick users into clicking on malicious links, HC3 warned. Continue Reading
-
News
28 Jun 2023
CA Hospital Settles Cybersecurity Case, Pledges $460K to Upgrades
Good Samaritan Hospital settled a class-action lawsuit that alleged its inadequate cybersecurity measures were responsible for a 2020 data breach. Continue Reading
-
News
22 Jun 2023
Healthcare Business Associate Faces Lawsuit Over March Cyberattack
Onix Group suffered a ransomware attack in March 2023 that resulted in a data breach impacting nearly 320,000 individuals. Continue Reading
-
News
21 Jun 2023
Trust Emerges as Cybersecurity Issue for 42% of Security Decision-Makers
Even though cybersecurity trust is clearly an issue, some trust is also misplaced, with 66 percent of security leaders trusting employees to prevent cyberattacks more than their own teams. Continue Reading
-
News
21 Jun 2023
Exploring The Role of Cyber Resilience in Digital Transformation Efforts
Organizations that prioritize aligning cybersecurity with business objectives are 18% more likely to achieve target revenue growth and 26% more likely to lower data breach costs, Accenture found. Continue Reading
-
News
19 Jun 2023
TimisoaraHackerTeam Ransomware Attacks US Cancer Center
The little-known ransomware group launched an attack against a US cancer center in June 2023, rendering digital services unavailable and limiting the center’s patient care capabilities. Continue Reading
-
News
19 Jun 2023
DOJ Charges Russian National For Role in LockBit Ransomware Attacks
The Justice Department made its second LockBit ransomware-related arrest of the year, chipping away at one of the most prolific ransomware variants. Continue Reading
-
News
16 Jun 2023
Progress Software Discloses Another MOVEit Cybersecurity Vulnerability
The newly discovered cybersecurity vulnerability could lead to escalated privileges and potential unauthorized access if exploited. Continue Reading
-
News
15 Jun 2023
HC3 Advises Healthcare Sector to Prioritize Cyber Defense Against FIN11
HC3 details FIN11's track record of exploiting zero-day vulnerabilities in the healthcare sector, particularly using Clop ransomware. Continue Reading
-
News
14 Jun 2023
CISA, Partners Release LockBit Ransomware Cybersecurity Advisory
LockBit was the most active ransomware group and RaaS provider in 2022, targeting organizations across the world. Continue Reading
-
News
13 Jun 2023
IL Rural Hospital Cites Cyberattack As Factor in Closing Doors
St. Margaret’s Health in Spring Valley and Peru, Illinois will close its doors, citing a 2021 cyberattack, the COVID-19 pandemic, and ongoing staffing shortages as key factors in the decision. Continue Reading
-
News
12 Jun 2023
Revenue Cycle Vendor Discloses Breach Tied to Fortra GoAnywhere Hack
Intellihartx disclosed a data breach impacting 490,000 individuals that stemmed from the Fortra GoAnywhere vulnerability. Continue Reading
-
News
12 Jun 2023
HC3 Guidance Explores Cyber Threat Actors Targeting Healthcare
HC3’s latest guidance provides healthcare defenders with a detailed overview of the types of cyber threat actors threatening the sector, such as cybercriminals, hacktivists, and insider threats. Continue Reading
-
News
09 Jun 2023
Cybersecurity Incident at MercyOne Triggers Potential Patient Data Loss
MercyOne Clinton Medical Center in Iowa is actively working on network restoration following a cybersecurity incident that disrupted its systems. Continue Reading
-
News
08 Jun 2023
Clop Ransomware Gang Exploiting MOVEit Cybersecurity Vulnerability
CISA and the FBI released a joint cybersecurity advisory to warn organizations about Clop ransomware’s interest in the recently discovered MOVEit Transfer software cybersecurity vulnerability. Continue Reading
-
News
08 Jun 2023
CISA Releases Guidance For Securing Remote Access Software
CISA issued a guidance document to help organizations balance the functionality of remote access software with potential cyber risks. Continue Reading
-
News
07 Jun 2023
Social Engineering, Ransomware Continue to Dominate Cyberattack Trends, Verizon Says
Verizon’s annual Data Breach Investigations Report shed light on 2022 cyberattack trends, highlighting the prevalence of social engineering, ransomware, and basic web application attacks. Continue Reading
-
News
06 Jun 2023
Cybersecurity Vulnerability in MOVEit Transfer Software Poses Threat to Healthcare
Progress Software disclosed a critical cybersecurity vulnerability in its MOVEit Transfer software, which is commonly used across healthcare. Continue Reading
-
News
02 Jun 2023
Healthcare CISOs Prioritize Cybersecurity Budgets Amid Economic Downturn
A new survey reveals that 58 percent of CISOs have boosted their cybersecurity budgets and 42 percent are aiming to further these budgets within the next year. Continue Reading
-
Feature
01 Jun 2023
Key Ways to Prepare For Revamped Medical Device Security Requirements
Medical device manufacturers will have to adjust their premarket activities to prepare for Oct. 1st, when the FDA will begin refusing medical device submissions for cybersecurity reasons. Continue Reading
-
News
25 May 2023
CommonSpirit Raises Estimated Losses From Ransomware Attack to $160M
The figure is a $10 million increase from CommonSpirit’s last quarterly report, showing that losses from the October ransomware attack may be higher than previously thought. Continue Reading
-
News
25 May 2023
NY AG Fines Practicefirst $550K For Failure to Protect Health Records
Practice management vendor Practicefirst suffered a data breach in 2020 that impacted 1.2 million individuals and potentially exposed health records and other personal information. Continue Reading
-
News
24 May 2023
CISA, Partners Revamp Ransomware Prevention Guide
The #StopRansomware Guide provides organizations with best practices for detecting, preventing, and responding to ransomware attacks. Continue Reading
-
News
23 May 2023
Implementing a Zero Trust Architecture For Medical Device Security
A new report from the Cloud Security Alliance makes the case for implementing a zero trust architecture to strengthen medical device security efforts. Continue Reading
-
News
23 May 2023
CISA Issues Cybersecurity Advisory Regarding BianLian Ransomware Group
BianLian ransomware group has deployed ransomware attacks against multiple critical infrastructure sectors since June 2022, CISA’s latest advisory states. Continue Reading
-
News
18 May 2023
House Committee Hearing Sheds Light On HHS Approach to Healthcare Cybersecurity
The deputy director at the ASPR Office of Preparedness at HHS testified before a House committee on the agency’s healthcare cybersecurity efforts. Continue Reading
-
News
18 May 2023
EyeMed Vision Care Reaches $2.5M Settlement Over Multistate Data Breach
This marks the third settlement EyeMed has reached over a 2020 data breach that impacted 2.1 million individuals. Continue Reading
-
News
17 May 2023
US Formally Charges Russian Hacker Behind Global Ransomware Attacks
Mikhail Pavlovich Matveev was suspected of deploying LockBit, Babuk, and Hive ransomware to attack critical infrastructure, including a New Jersey healthcare provider. Continue Reading
-
News
16 May 2023
Maxim Healthcare Reaches Settlement Over 2021 Data Breach Case
The company, which admitted the 2021 data breach had impacted over 28K, has agreed to pay victims up to $5K, covering extraordinary costs. Continue Reading
-
News
15 May 2023
Senators Introduce Rural Hospital Cybersecurity Enhancement Act
The Rural Hospital Cybersecurity Enhancement Act aims to address cybersecurity workforce gaps and improve cybersecurity training at rural healthcare facilities. Continue Reading
-
News
12 May 2023
Malicious Bot Activity On the Rise in Healthcare
Healthcare websites saw more than 31 percent of all traffic originating from bots, Imperva’s latest Bad Bot Report revealed. Continue Reading
-
News
11 May 2023
HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software
Threat actors have been leveraging a vulnerability in Veeam Backup & Replication software to gain network access and execute malicious code. Continue Reading
-
News
10 May 2023
Healthcare Cyberattacks Linked to Disruptions at Neighboring Hospitals, Study Finds
A study published in JAMA Network Open observed longer wait times and other disruptions at nearby hospitals in the wake of a healthcare cyberattack. Continue Reading
-
News
09 May 2023
SuperCare Health Reaches $2.25M Data Breach Settlement Over Alleged Negligence
The respiratory care provider settled a data breach lawsuit, in which SuperCare was accused of negligent cybersecurity practices, which put PII in harm’s way. Continue Reading
-
News
08 May 2023
41% of IT Decision-Makers Back Passwordless Authentication for Stronger Identity Security
Adoption of passwordless authentication is rising, with 49 percent of IT leaders deploying or planning to deploy amid data breach concerns and a shift towards enhanced identity security. Continue Reading
-
News
04 May 2023
Lawsuit Accuses Iowa Health System of Sharing Data With Facebook
The plaintiff alleged that the University of Iowa Hospitals & Clinics unlawfully disclosed personal information to Facebook via its use of tracking pixels. Continue Reading
-
News
01 May 2023
Clop, LockBit Leveraging 3 Known Vulnerabilities in Healthcare Ransomware Attacks, HHS Warns
Two Ransomware-as-a-Service groups, Clop and LockBit, have been leveraging known vulnerabilities in Fortra’s GoAnywhere MFT solution and installations of PaperCut to target healthcare. Continue Reading
-
News
26 Apr 2023
91% of Orgs Expect to Increase Cybersecurity Budgets in Next Year
Surveyed security leaders are prioritizing investments in the latest tools, but technology alone cannot mitigate ransomware risk. Continue Reading
-
News
26 Apr 2023
Health3PT Unveils First Actions to Address Third-Party Risk Management
The Health3PT Initiative tackles third-party risk management challenges with standardized assessments for 15,000 vendors, a Third-Party Risk Industry Survey, recommended practices, and a Vendor Directory plan. Continue Reading
-
News
25 Apr 2023
Healthcare Is More Reactive Than Proactive When It Comes to Cybersecurity, KLAS, AHA, Censinet Find
KLAS, AHA, and Censinet released the first iteration of the Healthcare Cybersecurity Benchmarking Study, highlighting the areas in which healthcare cybersecurity is maturing and where there is room for growth. Continue Reading
-
News
25 Apr 2023
SEO Poisoning, Cobalt Strike Abuse, Emotet Continue to Threaten Healthcare Cybersecurity
BlackBerry’s quarterly Global Threat Intelligence Report shed light on recent cyberattack tactics used against healthcare, including SEO poisoning and Cobalt Strike abuse. Continue Reading
-
News
24 Apr 2023
1 in 5 Connected Medical Devices Run On Unsupported Operating Systems
What’s more, nearly 40 percent of analyzed nurse call systems had critical severity unpatched vulnerabilities, Armis found. Continue Reading
-
News
21 Apr 2023
Threat Actors Deviate From Common Tactics in Global Cyberattacks, Mandiant Observes
Persistent adversaries are willing to stray from their tried-and-true cyberattack methods in order to target victim organizations, Mandiant noted in its M-Trends 2023 report. Continue Reading
-
News
20 Apr 2023
Quantifying the Financial Impact of Healthcare Ransomware Attacks
Organizations in the healthcare, manufacturing, and utilities sectors may have up to 30% of their operating income at risk in the aftermath of a ransomware attack on average, ThreatConnect found. Continue Reading
-
Feature
19 Apr 2023
3 Best Practices For Maturing Healthcare Third-Party Risk Management
Panelists discussed top third-party risk management challenges and best practices at the HealthITSecurity Virtual Summit. Continue Reading
-
News
18 Apr 2023
CISA Reveals Enhanced Zero Trust Maturity Model
The updated Zero Trust Maturity Model features five adaptable pillars, facilitating gradual progress towards optimized zero trust architecture for organizations. Continue Reading
-
News
18 Apr 2023
55% of Surveyed Healthcare Workers Believe Security Policies Keep Up With New Tech
Nearly a quarter of surveyed healthcare workers reported thinking that generative AI tools are safe to use at work, but just 55% of respondents agreed that their organization’s security policies were keeping up with new tools and technologies. Continue Reading
-
News
17 Apr 2023
HHS Cybersecurity Task Force Releases New Resources to Address Rise in Healthcare Cyberattacks
Led by the HHS 405(d) Program and the HSCC CWG, the new resources include an update to the HICP and an educational platform offering healthcare cybersecurity trainings. Continue Reading
-
Feature
13 Apr 2023
How the HSCC is Bridging the Gap Between Cyber Haves and Have-Nots
Recognizing that patient safety and cybersecurity are inextricably linked is a crucial step in strengthening the security posture of the healthcare sector, HSCC leader Greg Garcia suggested at the HealthITSecurity Virtual Summit. Continue Reading
-
News
10 Apr 2023
DNS NXDOMAIN Flood DDoS Attacks Impacting Healthcare, HC3 Warns
HC3 warned the healthcare sector of DNS NXDOMAIN flood DDoS attacks, which are used by threat actors to overload DNS servers and slow down systems. Continue Reading
-
News
10 Apr 2023
Microsoft, Fortra, Health-ISAC Crack Down On Cobalt Strike Abuse
Microsoft’s Digital Crimes Unit is partnering with Fortra and Health-ISAC to remove illegal, legacy copies of Cobalt Strike used by cybercriminals. Continue Reading
-
News
07 Apr 2023
HC3 Raises Concern Over KillNet DDoS Attacks Targeting Healthcare Sector
HC3 warned the healthcare sector again of the ongoing threat of KillNet hacktivist group, with their biggest DDoS strike affecting over 90 organizations in January 2023. Continue Reading
-
News
06 Apr 2023
HSCC Releases Free Video Series Providing Healthcare Cybersecurity Awareness, Training to Clinicians
The Health Sector Coordinating Council (HSCC) released an eight-episode series entitled “Cybersecurity for the Clinician,” which organizations can use to enhance their healthcare cybersecurity training programs. Continue Reading
-
News
05 Apr 2023
Illinois Medical Practice Settles Lawsuit After Data Breach Impacts 228K
The Plaintiff launched and settled a class action lawsuit against Illinois Gastroenterology Group (IGG) following a data breach that allegedly jeopardized patient privacy. Continue Reading
-
News
04 Apr 2023
Rise Interactive Faces Class Action Lawsuit Over Healthcare Data Breach
The digital marketing firm faces a class action lawsuit over a 2022 data breach, alleging inadequate cybersecurity measures exposed the PHI of 54,509 Edgepark patients. Continue Reading
-
News
03 Apr 2023
Health-ISAC Annual Threat Report Sheds Light on Healthcare Cyber Threat Landscape
Health-ISAC, CHIME, and the Health Sector Coordinating Council surveyed healthcare cybersecurity executives on the top five threats facing their organizations this year. Continue Reading
-
News
30 Mar 2023
FDA to Refuse Medical Device Submissions For Cybersecurity Reasons Beginning in October
Medical device manufacturers will now be required to include cybersecurity details in device submissions, and the FDA will soon be able to deny submissions over inadequate security controls. Continue Reading
-
News
29 Mar 2023
Inadequate Healthcare Cybersecurity Maturity Jeopardizes Patient Privacy
CYE found that the healthcare cybersecurity maturity score lags behind other sectors, putting patient privacy and sensitive data at risk due to weak EHR systems, telemedicine, and other security vulnerabilities. Continue Reading
-
News
28 Mar 2023
CISA Looks Back On One Year of CIRCIA, Encourages Cyber Threat Sharing
In the year since President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law, CISA has been busy collecting feedback from key stakeholders. Continue Reading
-
News
28 Mar 2023
NY Law Firm Pays $200K Over Healthcare Data Security Failures
As a result of an investigation by the New York Attorney General’s Office, the law firm is required to pay $200K and implement enhanced data security measures. Continue Reading
-
News
27 Mar 2023
20 Healthcare Vendors Receive KLAS Cybersecurity Transparent Designation
At ViVE 2023, KLAS and Censinet recognized 20 vendors that achieved KLAS Cybersecurity Transparent designation, indicating that the vendors met rigorous healthcare cybersecurity standards. Continue Reading
-
News
27 Mar 2023
HHS, FBI Disrupt BreachForums Cybercriminal Marketplace
The HHS Office of Inspector General and the FBI forced BreachForums offline, disrupting a marketplace used by more than 340,000 cybercriminals to buy, sell, and trade stolen data. Continue Reading
-
News
24 Mar 2023
Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity
Fifty-seven percent of healthcare CISOs utilize dark web intelligence in their strategies, causing the sector to lag other industries and leaving healthcare cybersecurity vulnerable to threat actors, a new report revealed. Continue Reading
-
News
23 Mar 2023
CISA Issues Revised Cybersecurity Performance Goals
Originally released in October, CISA updated its Cybersecurity Performance Goals (CPGs) in response to stakeholder feedback. Continue Reading
-
News
22 Mar 2023
Healthcare DDoS Attacks Are Increasing, Microsoft Says
Microsoft has observed an uptick in DDoS attacks launched against healthcare organizations by KillNet and other hacktivist groups. Continue Reading
-
News
21 Mar 2023
FBI IC3: Victims Racked Up $10.3B in Losses Tied to Internet Crime Last Year
The FBI Internet Crime Complaint Center (IC3) data show that healthcare was impacted by more ransomware attacks than any other critical infrastructure sector in 2022. Continue Reading
-
News
20 Mar 2023
Experts Shed Light On Healthcare Cybersecurity Challenges Before Senate Panel
Four industry experts testified before the Senate Homeland and Governmental Affairs Committee recently, championing healthcare cybersecurity minimum standards and federal assistance for under-resourced organizations. Continue Reading
-
News
20 Mar 2023
CISA, FBI, MS-ISAC Warn Critical Infrastructure of LockBit 3.0 Ransomware Attacks
LockBit 3.0 ransomware operations as a RaaS model and is known to attack a wide range of sectors, including those in critical infrastructure. Continue Reading
-
News
17 Mar 2023
FL Children’s Health Insurance Site Contractor Pays Fine to Resolve False Claims Act Allegations
Jelly Bean Communications Design agreed to pay nearly $300K to resolve False Claims Act allegations that it failed to secure personal information stored on a federally funded Florida children’s health insurance website. Continue Reading
-
News
17 Mar 2023
HC3 Raises Alarm Over Black Basta Ransomware Group as a Threat to Healthcare
HC3 cautioned that the Black Basta ransomware group, known for its calculated double extortion tactics with potential connections to Conti and FIN7, poses a risk to healthcare cybersecurity. Continue Reading
-
News
16 Mar 2023
CISA Launches Pilot Program to Help Critical Infrastructure Manage Cybersecurity Vulnerabilities
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) required the creation of the Ransomware Vulnerability Warning Pilot (RVWP), aimed at helping organizations stay ahead of the latest cybersecurity vulnerabilities. Continue Reading
-
News
15 Mar 2023
Blackbaud Pays $3M to Settle “Misleading Disclosures” Following Ransomware Attack
Following a 2020 ransomware attack, Blackbaud announced that the attacker had not accessed donor bank information, but it was determined that information had in fact been accessed and exfiltrated. Continue Reading
-
News
15 Mar 2023
HC3 Report Uncovers Key Data Exfiltration Trends in Healthcare
Data exfiltration played a role in 70 percent of ransomware incidents impacting healthcare organizations, HC3 stated. Continue Reading
-
News
14 Mar 2023
HSCC Publishes Guidance On Managing Legacy Medical Tech Security
The guidance positions medical technology security as a shared responsibility, encouraging medical device manufacturers and healthcare organizations to work together to reduce risks associated with legacy tech. Continue Reading
-
News
10 Mar 2023
HHS, HSCC Release Guidance to Help Healthcare Align With NIST Cybersecurity Framework
The new Framework Implementation Guide aims to help healthcare organizations better manage cybersecurity risks with the help of actionable steps aligned with the NIST Cybersecurity Framework. Continue Reading
-
News
09 Mar 2023
DC Health Link Healthcare Data Breach Exposes PHI of Congress Members
The FBI and US Capitol Police are investigating a recent healthcare data breach at DC Health Link, where House members' and staff's personal health information (PHI) was compromised. Continue Reading
-
News
08 Mar 2023
CISA, FBI Shed Light On Royal Ransomware Cyberattack Tactics
CISA and the FBI’s latest cybersecurity advisory contains detailed indicators of compromise and initial access techniques used by Royal ransomware, a variant known to be used against the healthcare sector. Continue Reading
-
News
03 Mar 2023
How The New National Cybersecurity Strategy Will Impact Healthcare Cybersecurity
The Biden Administration issued its National Cybersecurity Strategy aimed at securing critical infrastructure, disrupting cyber threat operations, and investing in a more secure digital ecosystem. Continue Reading
-
News
02 Mar 2023
As Hacker Sophistication Increases, Confidence in Basic Cybersecurity Defenses Falters
More than half of surveyed health IT leaders reported feeling “less than fully confident” in the technologies they currently use to prevent ransomware attacks, Akamai and Porter Research found. Continue Reading
-
Answer
01 Mar 2023
Outdated Operating Systems Remain Key Medical Device Security Challenge
Support for Windows 8.1 ended in January, sparking conversations about how to manage risks associated with out-of-date operating systems and medical devices in the healthcare sector. Continue Reading
-
News
28 Feb 2023
94% of CISOs Face Work-Related Stress, Leading to Retention Snags
Work-related stress impacts 94 percent of the surveyed chief information security officers and is the root cause of 74 percent of healthcare security teams’ retention problems. Continue Reading
-
News
27 Feb 2023
MedusaLocker Ransomware Leveraged In Healthcare Cyberattacks
HC3 described the MedusaLocker ransomware variant as “lesser known but potent” and recommended that healthcare security defenders apply necessary mitigations. Continue Reading
-
News
24 Feb 2023
Clop Ransomware Continues to Threaten Healthcare Sector, HC3 Warns
Clop ransomware recently claimed that it leveraged a vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) solution to attack more than 130 organizations, including healthcare entities. Continue Reading
-
News
21 Feb 2023
CommonSpirit Health Ransomware Attack Leads to $150M in Losses To Date
As previously reported, CommonSpirit Health suffered a ransomware attack in October 2022 that impacted facilities across its network. Continue Reading
-
News
17 Feb 2023
35% More Patients Impacted by Healthcare Data Breaches in H2 2022
A critical Insight report on healthcare data breaches found that the number of health records exposed increased from 21.1 million in 2019 to 28.5 million in 2021. Continue Reading
-
News
15 Feb 2023
DDoS Attacks Continue to Threaten Healthcare Cybersecurity
HC3’s latest brief shed light on the threat of Distributed Denial of Service (DDoS) attacks on healthcare cybersecurity, noting that they may have “detrimental impact on the ability to provide care.” Continue Reading
-
News
14 Feb 2023
UMass Memorial Health Center Resolves Healthcare Data Breach Lawsuit With $1.2M Settlement
The proposed settlement will resolve allegations relating to a 2020 healthcare data breach at UMass Memorial Health Center that impacted patient PHI. Continue Reading
-
Answer
14 Feb 2023
Tackling Third-Party Risk Management (TPRM) Challenges In Healthcare
Third-party risk management (TPRM) is a crucial component of any healthcare organization’s security and compliance programs. Continue Reading
-
News
13 Feb 2023
GootLoader Malware, SEO Poisoning Impacting Healthcare
Cybereason observed new deployment methods of the GootLoader malware loader, as well as SEO poisoning techniques that are impacting the healthcare and finance sectors in particular. Continue Reading
-
News
10 Feb 2023
Nearly 63K Impacted by Healthcare Data Breach from Exploited Web Server
Sharp HealthCare in San Diego suffered a healthcare data breach after an unauthorized third-party gained access to the organization’s web server potentially exposing some PHI. Continue Reading
-
News
10 Feb 2023
HHS, FBI, CISA Warn of North Korean State-Sponsored Cyber Threat Actors Targeting Healthcare
US and South Korean authorities issued a joint cybersecurity advisory to warn healthcare organizations about North Korean state-sponsored cyber threat actors who have been conducting ransomware attacks against the sector. Continue Reading
-
News
09 Feb 2023
Business Email Compromise (BEC) Attacks Continue to Increase in Healthcare
Threat actors leverage business email compromise (BEC) attacks to take advantage of well-meaning employees and gain network access. Continue Reading
-
News
09 Feb 2023
GoodRx Faces Lawsuit Over Alleged Improper Health Data Sharing Practices
Prior to the proposed class action lawsuit filed by a GoodRx user, the Federal Trade Commission (FTC) imposed a $1.5 million civil penalty against GoodRx to resolve allegations of improper health data sharing practices. Continue Reading
-
News
08 Feb 2023
Top Healthcare Cybersecurity, IoT, Privacy Vendors Achieve Best in KLAS Status
KLAS named Imprivata, Medigate by Claroty, Fortified Health Security, and more as Best in KLAS in the healthcare cybersecurity and privacy space in 2023. Continue Reading
-
News
08 Feb 2023
Third-Party Data Breach Victims Double, Healthcare Most Targeted
A Black Kite report revealed the increasing level of impact third-party had on select industries, with healthcare as the most targeted sector. Continue Reading