Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
News
08 Jul 2024
HC3 warns sector of critical MOVEit cybersecurity vulnerabilities
Healthcare organizations should prioritize patching two critical cybersecurity vulnerabilities found in Progress Software’s MOVEit managed file transfer platform. Continue Reading
-
News
01 Jul 2024
HHS, FBI warn healthcare sector of social engineering scheme
Threat actors have been using phishing schemes to steal login credentials and divert automated clearinghouse payments, HHS and the FBI warned in a joint cybersecurity advisory. Continue Reading
-
News
05 Apr 2023
Illinois Medical Practice Settles Lawsuit After Data Breach Impacts 228K
The Plaintiff launched and settled a class action lawsuit against Illinois Gastroenterology Group (IGG) following a data breach that allegedly jeopardized patient privacy. Continue Reading
-
News
04 Apr 2023
Rise Interactive Faces Class Action Lawsuit Over Healthcare Data Breach
The digital marketing firm faces a class action lawsuit over a 2022 data breach, alleging inadequate cybersecurity measures exposed the PHI of 54,509 Edgepark patients. Continue Reading
-
News
03 Apr 2023
Health-ISAC Annual Threat Report Sheds Light on Healthcare Cyber Threat Landscape
Health-ISAC, CHIME, and the Health Sector Coordinating Council surveyed healthcare cybersecurity executives on the top five threats facing their organizations this year. Continue Reading
-
News
30 Mar 2023
FDA to Refuse Medical Device Submissions For Cybersecurity Reasons Beginning in October
Medical device manufacturers will now be required to include cybersecurity details in device submissions, and the FDA will soon be able to deny submissions over inadequate security controls. Continue Reading
-
News
29 Mar 2023
Inadequate Healthcare Cybersecurity Maturity Jeopardizes Patient Privacy
CYE found that the healthcare cybersecurity maturity score lags behind other sectors, putting patient privacy and sensitive data at risk due to weak EHR systems, telemedicine, and other security vulnerabilities. Continue Reading
-
News
28 Mar 2023
CISA Looks Back On One Year of CIRCIA, Encourages Cyber Threat Sharing
In the year since President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law, CISA has been busy collecting feedback from key stakeholders. Continue Reading
-
News
28 Mar 2023
NY Law Firm Pays $200K Over Healthcare Data Security Failures
As a result of an investigation by the New York Attorney General’s Office, the law firm is required to pay $200K and implement enhanced data security measures. Continue Reading
-
News
27 Mar 2023
20 Healthcare Vendors Receive KLAS Cybersecurity Transparent Designation
At ViVE 2023, KLAS and Censinet recognized 20 vendors that achieved KLAS Cybersecurity Transparent designation, indicating that the vendors met rigorous healthcare cybersecurity standards. Continue Reading
-
News
27 Mar 2023
HHS, FBI Disrupt BreachForums Cybercriminal Marketplace
The HHS Office of Inspector General and the FBI forced BreachForums offline, disrupting a marketplace used by more than 340,000 cybercriminals to buy, sell, and trade stolen data. Continue Reading
-
News
24 Mar 2023
Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity
Fifty-seven percent of healthcare CISOs utilize dark web intelligence in their strategies, causing the sector to lag other industries and leaving healthcare cybersecurity vulnerable to threat actors, a new report revealed. Continue Reading
-
News
23 Mar 2023
CISA Issues Revised Cybersecurity Performance Goals
Originally released in October, CISA updated its Cybersecurity Performance Goals (CPGs) in response to stakeholder feedback. Continue Reading
-
News
22 Mar 2023
Healthcare DDoS Attacks Are Increasing, Microsoft Says
Microsoft has observed an uptick in DDoS attacks launched against healthcare organizations by KillNet and other hacktivist groups. Continue Reading
-
News
21 Mar 2023
FBI IC3: Victims Racked Up $10.3B in Losses Tied to Internet Crime Last Year
The FBI Internet Crime Complaint Center (IC3) data show that healthcare was impacted by more ransomware attacks than any other critical infrastructure sector in 2022. Continue Reading
-
News
20 Mar 2023
Experts Shed Light On Healthcare Cybersecurity Challenges Before Senate Panel
Four industry experts testified before the Senate Homeland and Governmental Affairs Committee recently, championing healthcare cybersecurity minimum standards and federal assistance for under-resourced organizations. Continue Reading
-
News
20 Mar 2023
CISA, FBI, MS-ISAC Warn Critical Infrastructure of LockBit 3.0 Ransomware Attacks
LockBit 3.0 ransomware operations as a RaaS model and is known to attack a wide range of sectors, including those in critical infrastructure. Continue Reading
-
News
17 Mar 2023
FL Children’s Health Insurance Site Contractor Pays Fine to Resolve False Claims Act Allegations
Jelly Bean Communications Design agreed to pay nearly $300K to resolve False Claims Act allegations that it failed to secure personal information stored on a federally funded Florida children’s health insurance website. Continue Reading
-
News
17 Mar 2023
HC3 Raises Alarm Over Black Basta Ransomware Group as a Threat to Healthcare
HC3 cautioned that the Black Basta ransomware group, known for its calculated double extortion tactics with potential connections to Conti and FIN7, poses a risk to healthcare cybersecurity. Continue Reading
-
News
16 Mar 2023
CISA Launches Pilot Program to Help Critical Infrastructure Manage Cybersecurity Vulnerabilities
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) required the creation of the Ransomware Vulnerability Warning Pilot (RVWP), aimed at helping organizations stay ahead of the latest cybersecurity vulnerabilities. Continue Reading
-
News
15 Mar 2023
Blackbaud Pays $3M to Settle “Misleading Disclosures” Following Ransomware Attack
Following a 2020 ransomware attack, Blackbaud announced that the attacker had not accessed donor bank information, but it was determined that information had in fact been accessed and exfiltrated. Continue Reading
-
News
15 Mar 2023
HC3 Report Uncovers Key Data Exfiltration Trends in Healthcare
Data exfiltration played a role in 70 percent of ransomware incidents impacting healthcare organizations, HC3 stated. Continue Reading
-
News
14 Mar 2023
HSCC Publishes Guidance On Managing Legacy Medical Tech Security
The guidance positions medical technology security as a shared responsibility, encouraging medical device manufacturers and healthcare organizations to work together to reduce risks associated with legacy tech. Continue Reading
-
News
10 Mar 2023
HHS, HSCC Release Guidance to Help Healthcare Align With NIST Cybersecurity Framework
The new Framework Implementation Guide aims to help healthcare organizations better manage cybersecurity risks with the help of actionable steps aligned with the NIST Cybersecurity Framework. Continue Reading
-
News
09 Mar 2023
DC Health Link Healthcare Data Breach Exposes PHI of Congress Members
The FBI and US Capitol Police are investigating a recent healthcare data breach at DC Health Link, where House members' and staff's personal health information (PHI) was compromised. Continue Reading
-
News
08 Mar 2023
CISA, FBI Shed Light On Royal Ransomware Cyberattack Tactics
CISA and the FBI’s latest cybersecurity advisory contains detailed indicators of compromise and initial access techniques used by Royal ransomware, a variant known to be used against the healthcare sector. Continue Reading
-
News
03 Mar 2023
How The New National Cybersecurity Strategy Will Impact Healthcare Cybersecurity
The Biden Administration issued its National Cybersecurity Strategy aimed at securing critical infrastructure, disrupting cyber threat operations, and investing in a more secure digital ecosystem. Continue Reading
-
News
02 Mar 2023
As Hacker Sophistication Increases, Confidence in Basic Cybersecurity Defenses Falters
More than half of surveyed health IT leaders reported feeling “less than fully confident” in the technologies they currently use to prevent ransomware attacks, Akamai and Porter Research found. Continue Reading
-
Answer
01 Mar 2023
Outdated Operating Systems Remain Key Medical Device Security Challenge
Support for Windows 8.1 ended in January, sparking conversations about how to manage risks associated with out-of-date operating systems and medical devices in the healthcare sector. Continue Reading
-
News
28 Feb 2023
94% of CISOs Face Work-Related Stress, Leading to Retention Snags
Work-related stress impacts 94 percent of the surveyed chief information security officers and is the root cause of 74 percent of healthcare security teams’ retention problems. Continue Reading
-
News
27 Feb 2023
MedusaLocker Ransomware Leveraged In Healthcare Cyberattacks
HC3 described the MedusaLocker ransomware variant as “lesser known but potent” and recommended that healthcare security defenders apply necessary mitigations. Continue Reading
-
News
24 Feb 2023
Clop Ransomware Continues to Threaten Healthcare Sector, HC3 Warns
Clop ransomware recently claimed that it leveraged a vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) solution to attack more than 130 organizations, including healthcare entities. Continue Reading
-
News
21 Feb 2023
CommonSpirit Health Ransomware Attack Leads to $150M in Losses To Date
As previously reported, CommonSpirit Health suffered a ransomware attack in October 2022 that impacted facilities across its network. Continue Reading
-
News
17 Feb 2023
35% More Patients Impacted by Healthcare Data Breaches in H2 2022
A critical Insight report on healthcare data breaches found that the number of health records exposed increased from 21.1 million in 2019 to 28.5 million in 2021. Continue Reading
-
News
15 Feb 2023
DDoS Attacks Continue to Threaten Healthcare Cybersecurity
HC3’s latest brief shed light on the threat of Distributed Denial of Service (DDoS) attacks on healthcare cybersecurity, noting that they may have “detrimental impact on the ability to provide care.” Continue Reading
-
News
14 Feb 2023
UMass Memorial Health Center Resolves Healthcare Data Breach Lawsuit With $1.2M Settlement
The proposed settlement will resolve allegations relating to a 2020 healthcare data breach at UMass Memorial Health Center that impacted patient PHI. Continue Reading
-
Answer
14 Feb 2023
Tackling Third-Party Risk Management (TPRM) Challenges In Healthcare
Third-party risk management (TPRM) is a crucial component of any healthcare organization’s security and compliance programs. Continue Reading
-
News
13 Feb 2023
GootLoader Malware, SEO Poisoning Impacting Healthcare
Cybereason observed new deployment methods of the GootLoader malware loader, as well as SEO poisoning techniques that are impacting the healthcare and finance sectors in particular. Continue Reading
-
News
10 Feb 2023
Nearly 63K Impacted by Healthcare Data Breach from Exploited Web Server
Sharp HealthCare in San Diego suffered a healthcare data breach after an unauthorized third-party gained access to the organization’s web server potentially exposing some PHI. Continue Reading
-
News
10 Feb 2023
HHS, FBI, CISA Warn of North Korean State-Sponsored Cyber Threat Actors Targeting Healthcare
US and South Korean authorities issued a joint cybersecurity advisory to warn healthcare organizations about North Korean state-sponsored cyber threat actors who have been conducting ransomware attacks against the sector. Continue Reading
-
News
09 Feb 2023
Business Email Compromise (BEC) Attacks Continue to Increase in Healthcare
Threat actors leverage business email compromise (BEC) attacks to take advantage of well-meaning employees and gain network access. Continue Reading
-
News
09 Feb 2023
GoodRx Faces Lawsuit Over Alleged Improper Health Data Sharing Practices
Prior to the proposed class action lawsuit filed by a GoodRx user, the Federal Trade Commission (FTC) imposed a $1.5 million civil penalty against GoodRx to resolve allegations of improper health data sharing practices. Continue Reading
-
News
08 Feb 2023
Top Healthcare Cybersecurity, IoT, Privacy Vendors Achieve Best in KLAS Status
KLAS named Imprivata, Medigate by Claroty, Fortified Health Security, and more as Best in KLAS in the healthcare cybersecurity and privacy space in 2023. Continue Reading
-
News
08 Feb 2023
Third-Party Data Breach Victims Double, Healthcare Most Targeted
A Black Kite report revealed the increasing level of impact third-party had on select industries, with healthcare as the most targeted sector. Continue Reading
-
News
07 Feb 2023
Consumers More Concerned About Financial Data Compromise Than Healthcare Data Breaches
Kroll found that more consumers took advantage of free monitoring services when they were impacted by a breach in the finance industry compared to those who were impacted by a healthcare data breach. Continue Reading
-
News
06 Feb 2023
Rise in Third-Party Data Breaches Requires Updated Risk Management Approach
More than 98 percent of analyzed healthcare organizations have a relationship with at least one breached third-party vendor, a new report shows. Continue Reading
-
News
03 Feb 2023
Tallahassee Memorial HealthCare Diverts EMS Amid “IT Security Issue”
Tallahassee Memorial HealthCare is responding to an IT security issue that began on Thursday evening and has led to EMS diversions and outpatient procedure cancellations. Continue Reading
-
News
02 Feb 2023
FTC Imposes $1.5M Penalty on GoodRx Over Failure to Report Healthcare Data Breach
The FTC alleged that GoodRx failed to notify consumers of a healthcare data breach stemming from its unauthorized disclosure of user health information to Facebook, Google, and other third parties. Continue Reading
-
News
02 Feb 2023
3 Cybersecurity Vulnerabilities in OpenEMR Can Lead to Remote Code Execution
HHS urged the healthcare sector to upgrade to the most recent version of OpenEMR to protect against three recently discovered cybersecurity vulnerabilities. Continue Reading
-
Answer
01 Feb 2023
How Sen. Warner Aims to Mitigate Healthcare Cybersecurity Risks Through Legislation
Senator Mark Warner spoke with HealthITSecurity about the healthcare cybersecurity challenges discussed in his recent policy options paper and how he plans to address them. Continue Reading
-
News
31 Jan 2023
HC3: KillNet Hacktivist Group Uses DDoS Cyberattacks to Target Healthcare
HC3’s latest analyst note details the cyberattack tactics of KillNet, a hacktivist group known to target the healthcare sector by executing DDoS cyberattacks. Continue Reading
-
News
30 Jan 2023
IL Hospital Reaches $380K Settlement to Resolve Lawsuit Over Healthcare Data Breach
The healthcare data breach stemmed from an incident in which billing statements containing PHI were sent to the wrong patients. Continue Reading
-
News
30 Jan 2023
IL Social Services Organization Notifies 184K of Healthcare Ransomware Attack
The January 2022 ransomware attack potentially involved the protected health information (PHI) of more than 184,000 individuals. Continue Reading
-
News
27 Jan 2023
UCHealth, UCLA Health Report Healthcare Data Breaches
The healthcare data breach at UCHealth stemmed from a third-party vendor, and the UCLA Health breach was tied to the organization’s use of analytics tools. Continue Reading
-
News
27 Jan 2023
Logan Health Reaches $4.3M Settlement Following Healthcare Data Breach Lawsuit
Logan Health suffered a healthcare data breach in November 2021 that impacted more than 213,000 individuals and led to potential unauthorized PHI access. Continue Reading
-
News
26 Jan 2023
DOJ Takes Down Hive Ransomware Group
The Justice Department completed a months-long disruption campaign against Hive ransomware group, a threat group known to aggressively target healthcare and other critical infrastructure sectors. Continue Reading
-
News
26 Jan 2023
CISA: Federal Employees Targeted in Malicious Cyber Threat Campaign Using RMM Software
Threat actors leveraged legitimate remote monitoring and management (RMM) software to execute a widespread campaign against federal civilian executive branch (FCEB) employees. Continue Reading
-
News
25 Jan 2023
Downloaders, Ransomware, Among Top Healthcare Cyberattack Tactics in Q4
A new report from BlackBerry sheds light on Q4 2022 healthcare cyberattack trends, showing that ransomware is still a dominant tactic. Continue Reading
-
Answer
24 Jan 2023
How An Independent Practice Recovered From a Third-Party Ransomware Attack
A NC-based family physician shares lessons learned after his independent practice was collateral damage in a third-party ransomware attack originating at a cloud provider. Continue Reading
-
News
23 Jan 2023
CommonSpirit Health Faces Class Action Lawsuit in Wake of Healthcare Data Breach
CommonSpirit Health suffered a ransomware attack in October that impacted multiple facilities and more than 620,000 individuals across the health system. Continue Reading
-
News
23 Jan 2023
Hacking Accounted For Nearly 80% of Healthcare Data Breaches Last Year
In past years, unauthorized disclosures, loss, theft, and improper disposal accounted for more healthcare data breaches than malicious hacking. Continue Reading
-
News
19 Jan 2023
HC3 Warns Healthcare of AI’s Use in Malware Development
In its latest brief, HC3 details how artificial intelligence (AI) can be used by threat actors to aid in malware development, forming a serious threat to healthcare cybersecurity. Continue Reading
-
Answer
19 Jan 2023
How Northwell Health Runs Its Cybersecurity Training and Awareness Program
The New York health system uses a variety of tactics to keep its cybersecurity training and awareness program fresh and engaging for its entire workforce. Continue Reading
-
News
18 Jan 2023
PA University Addresses Cybersecurity Workforce Shortage With New Apprenticeship Program
The Drexel University registered apprenticeship program will provide students with training and skills based on national standards to mitigate the cybersecurity workforce shortage. Continue Reading
-
News
18 Jan 2023
How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts
Healthcare cybersecurity benchmarking can help health IT experts establish cybersecurity program goals and improve decision-making, a new survey from Censinet and Ponemon Institute suggests. Continue Reading
-
News
17 Jan 2023
CISA Reflects on Past Year, Upcoming Critical Infrastructure Security Priorities
CISA’s 2022 Year in Review outlines the four-year-old agency’s top accomplishments of the past year and hints at upcoming critical infrastructure security priorities. Continue Reading
-
News
16 Jan 2023
Ransomware Operators Continue to Aggressively Target US Healthcare Sector
HC3’s latest brief highlights the tactics and capabilities of Royal ransomware and BlackCat ransomware, two groups that are known to target the healthcare sector. Continue Reading
-
News
13 Jan 2023
Larger Organizations Most Likely to Be Affected by Ransomware Attacks
New data revealed over 50 percent of organizations with more than 100 employees are targeted by ransomware attacks. Continue Reading
-
News
11 Jan 2023
Global Cyberattacks Increased By 38% Last Year, Healthcare Hit Hard
Healthcare, education, and government were the three industries most impacted by cyberattacks in 2022, new data from Check Point Research suggests. Continue Reading
-
News
11 Jan 2023
Healthcare CISOs Form Health3PT Council to Improve Third-Party Risk Management
More than 20 healthcare leaders joined forces to form the Health 3rd Party Trust (Health3PT) Initiative and Council aimed at identifying new approaches for tackling third-party risk. Continue Reading
-
News
10 Jan 2023
Healthcare Sector Faces Critical Challenges With Supply Chain Risk Management
A new survey conducted by Ponemon Institute on behalf of the Health Sector Coordinating Council (HSCC) showed that healthcare organizations are struggling to maintain basic supply chain risk management practices. Continue Reading
-
News
09 Jan 2023
Breach Reporting Requirements Are Top Concern For Security Teams
Alongside data breach reporting requirements, cybersecurity professionals are likely to encounter challenges with digital transformation, talent shortages, and rising security investments in 2023. Continue Reading
-
News
06 Jan 2023
HC3: Clop Ransomware Group Preying on Healthcare Sector
Clop ransomware group has reportedly been infecting files that look like medical documents and subsequently requesting medical appointments in hopes of getting victims to open the malicious files. Continue Reading
-
News
05 Jan 2023
Healthcare Ransomware Attacks More Than Doubled Over Past 5 Years
According to a study published in JAMA Health Forum, healthcare ransomware attacks have more than doubled from 2016 to 2021, posing potential risks to patient safety in the process. Continue Reading
-
News
05 Jan 2023
Avalon Healthcare, Morley Companies Reach Healthcare Data Breach Settlements
Healthcare data breach lawsuits and settlements are becoming more common as high-profile breaches continue to impact the healthcare sector. Continue Reading
-
News
03 Jan 2023
Scripps Health Reaches $3.5M Settlement After Ransomware Attack
Scripps Health recently settled a class action lawsuit stemming from a 2021 ransomware attack that impacted 1.2 million individuals. Continue Reading
-
News
30 Dec 2022
Pro-Russian Hacktivist Group KillNet Poses Threat to US Healthcare Cybersecurity
HC3 warned the sector of a pro-Russian hacktivist group called KillNet, which could endanger healthcare cybersecurity. Continue Reading
-
News
22 Dec 2022
New Version of HITRUST CSF Helps Healthcare Tackle Emerging Cybersecurity Threats
HITRUST will release CSF version 11 in January 2023, promising improved mitigations against emerging cybersecurity threats and an AI-based standards development toolkit. Continue Reading
-
News
21 Dec 2022
Key Medical Device Security Requirements Included in Omnibus Bill
The 4,100-page omnibus bill keeps the government funded through September 30 and includes key medical device security provisions. Continue Reading
-
News
21 Dec 2022
MA Executive Order Confronts Increasing Cybersecurity Threats
The executive order will establish a Massachusetts cyber incident response team furthering Governor Baker’s effort to manage significant cybersecurity threats and attacks. Continue Reading
-
News
20 Dec 2022
Citrix Releases Patches For Cybersecurity Vulnerability Used to Target Healthcare
HC3 urged healthcare organizations to prioritize patching known cybersecurity vulnerabilities found in the Citrix Application Delivery Controller and Gateway platforms. Continue Reading
-
Answer
19 Dec 2022
Top Free Resources For Improving Healthcare Cybersecurity
Regardless of size, structure, or budget, providers can leverage free or low-cost industry resources to improve healthcare cybersecurity. Continue Reading
-
News
16 Dec 2022
Healthcare Cybersecurity Measures Must Go Beyond Perimeter Security
Over 90 percent of surveyed critical infrastructure leaders agree they cannot solely depend on perimeter security, indicating that healthcare cybersecurity measures must go further than the firewall. Continue Reading
-
News
14 Dec 2022
HHS Warns Healthcare Sector of LockBit 3.0, BlackCat Ransomware
LockBit 3.0 and BlackCat ransomware have been known to target healthcare organizations with highly sophisticated tactics. Continue Reading
-
News
14 Dec 2022
Cybersecurity Resilience Top Priority for 96% of Surveyed Executives
Organization executives are focusing on preventing incidents and mitigating losses rather than retaining security talent when listing their main objectives for cybersecurity resilience, a new survey found. Continue Reading
-
News
13 Dec 2022
CHIME, AEHIS Provide Feedback on Senator Warner’s Cybersecurity Policy Options Paper
CHIME and AEHIS applauded Senator Warner’s commitment to enhancing healthcare cybersecurity and advocated for the creation of more cybersecurity programs aimed at small and under-resourced providers. Continue Reading
-
News
12 Dec 2022
HC3 Explores Cybersecurity Implications of Automation in Healthcare
HC3’s latest brief dives into the history of automation, its uses in cybersecurity, and how it may impact healthcare. Continue Reading
-
News
09 Dec 2022
Conway Regional Medical Center Reaches $295K Settlement Over Healthcare Data Breach
The Arkansas medical center fell victim to a phishing scam in 2019, leading to a healthcare data breach lawsuit. Continue Reading
-
News
08 Dec 2022
HC3: Royal Ransomware Impacts Healthcare Sector
Royal ransomware appears to consist of experienced threat actors from other ransomware groups, HC3 noted. Continue Reading
-
Feature
07 Dec 2022
3 Trends From the HIMSS Healthcare Cybersecurity Forum
Enhancing collaboration and communication, managing third-party risk, and balancing innovation with security were among the top trends discussed at this year’s HIMSS Healthcare Cybersecurity Forum. Continue Reading
-
News
07 Dec 2022
AHA Shares Recommendations Regarding Cybersecurity Policy Proposals
Hospitals and healthcare systems need future support through cybersecurity policies to address cybersecurity threats, the AHA stated following Senator Mark R. Warner’s policy options paper. Continue Reading
-
News
06 Dec 2022
Balancing Digital Transformation With Healthcare Cybersecurity
Forrester experts shared best practices for maintaining healthcare cybersecurity amid rapid digital transformation at the HIMSS Healthcare Cybersecurity Forum in Boston. Continue Reading
-
Answer
06 Dec 2022
3 Strategies for Healthcare Merger, Acquisition Cybersecurity Due Diligence
Assessing the target company’s cyber resiliency and establishing a list of non-negotiables are among the top strategies for conducting healthcare merger and acquisition cybersecurity due diligence. Continue Reading
-
News
05 Dec 2022
CISA, FBI Alert Healthcare Sector of Cuba Ransomware Tactics
The Cuba ransomware group has collected over $60M in ransom payments and comprised more than 100 critical infrastructure organizations, including many within the healthcare sector. Continue Reading
-
News
02 Dec 2022
Weak Connected Medical Device Security Increases Cyberattack Threats
A new survey found that healthcare organizations with more connected medical devices have a 24 percent greater risk for cyberattacks, underscoring a need for more medical device security. Continue Reading
-
News
01 Dec 2022
San Juan Regional Medical Center Reaches Settlement Following Healthcare Data Breach
The class-action lawsuit stemmed from a 2020 healthcare data breach that impacted nearly 69,000 individuals. Continue Reading
-
Answer
30 Nov 2022
How HITECH Recognized Security Practices Boost Healthcare Cybersecurity
The voluntary use of HITECH recognized security practices can help covered entities bolster their security postures and better protect themselves against top healthcare cybersecurity threats. Continue Reading
-
News
30 Nov 2022
New Connected Device Security Maturity Model Helps Orgs Strengthen Cybersecurity
Ordr published a connected device security maturity model containing five steps to help organizations manage connected device risks and improve their cybersecurity postures. Continue Reading
-
News
29 Nov 2022
Healthcare Industry Remains a Top Victim of Ransomware Attacks
Guidepoint Research’s latest ransomware report revealed that the healthcare industry was the second most targeted industry by ransomware attacks specifically targeted by groups like Everest and LockBit. Continue Reading
-
News
22 Nov 2022
Lorenz Ransomware Targets Large Healthcare Orgs, HC3 Warns
Lorenz ransomware targets large organizations via “big-game hunting” and is known to publish data publicly during the extortion process. Continue Reading
-
News
21 Nov 2022
OIG: HHS Must Modernize Its Approach to Cybersecurity
OIG called on HHS to modernize its cybersecurity approaches and improve data governance efforts. Continue Reading
-
News
21 Nov 2022
Forefront Dermatology To Pay $3.75M In Healthcare Data Breach Settlement
More than 2.4 million individuals were impacted by the May 2021 healthcare data breach at Forefront Dermatology. Continue Reading