Study Finds Telemedicine Use Varies By Race And Ethnicity
A recent study conducted by the University of Houston (UH) College of Medicine has found that telemedicine use remains unbalanced across populations as a result…
Rise in Class Action Lawsuits Subsequent to Healthcare Data Incidents
The law firm BakerHostetler has shared its 8th Annual Data Security Incident Response (DSIR) Report, which offers insights according to 1,270 data security incidents managed…
Connecticut Health Insurance Exchange Auditor Finds 44 Unreported Data Breaches
An audit of the Health Insurance Exchange of Connecticut, Access Health CT, by the state auditor showed that Access Health CT encountered 44 data breaches…
Horizon Actuarial Services , Clinic of North Texas and Parkland Community Health Plan Announces Data Breaches
Horizon Actuarial Services, Clinic of North Texas, and Parkland Community Health Plan have just announced breaches of the protected health information (PHI) of patients and…
OCR: HIPAA Security Rule Compliance May Stop and Mitigate Many Cyberattacks
Healthcare hacking incidents are considerably increasing for several years. Hacking/IT incidents went up by 45% from 2019 to 2020. In 2021, 66% of breaches relating…
President Biden Advises Private Sector To Strengthen Cybersecurity
The economic sanctions placed on Russia in reaction to the invasion of Ukraine have raised the possibility of cyberattacks by state-sponsored hackers, according to a…
Healthcare Scores Badly for Executing the Cyber Incident Response
2021 was awful in terms of healthcare data breaches having more than 50 million records exposed and around 900 data breaches documented by databreaches.net. Given…
RAND Report Finds Audio-Only Telehealth Use Common Among Safety-Net Facilities
A RAND Corporation analysis discovered that audio-only telehealth visit numbers at safety-net health clinics remained greater than video-based treatment during the COVID-19 crisis, particularly for…
CISA & FBI Warn Against Russian Actor MFA Exploits
In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) advise that state-sponsored Russian actors are…
3 Email Security Breaches Impacted Around 111,000 Patients
Email account breach reports were filed by Montrose Regional Health, Acacia Network, and EPIC Pharmacy Network. Montrose Regional Health The health system Montrose Regional Health…
Survey Finds Wearables Improve Quality Of Life
A survey conducted by software research company Software Advice has revealed that the majority of healthcare consumers improved their health and quality of life. The…
OCR Director Urges HIPAA-Regulated Entities to Fortify Their Cybersecurity Posture
In the latest blog post, Director Lisa J. Pino of the HHS’ Office for Civil Rights told HIPAA-regulated entities to do something to fortify their…
2021 Had Sharp Increase in Ransomware Data Leaks and Higher Ransom Demands
According to the annual threat report published by CrowdStrike, there were a lot more data leaks right after ransomware attacks in 2021, increasing by 82%…
Joint Alert on Higher Risk of Ransomware Attacks on Critical Infrastructure
Cybersecurity agencies in Australia, the United States, and the United Kingdom, issued a joint security advisory concerning the greater worldwide threat of ransomware attacks and…
PHI of 138K Persons Compromised Due to 3 Email Security Incidents
Hackers have acquired access to email accounts comprising protected health information (PHI) at Volunteers of America Southwest California, iRise Florida Spine and Joint Institute, and…
About the Healthcare Data Breach Reporting Concern
The HIPAA Breach Notification Rule necessitates the issuance of a data breach notification letter to the Secretary of the HHS “without unnecessary delay” and no…
EyeMed Pays $600,000 Penalty to Resolve 2.1 Million-Record Data Breach
New York Attorney General Letitia James reported the first settlement of 2022 involving a healthcare data breach. The vision benefits company in Ohio, Med Vision…
Class Action Lawsuit Filed Against QRS Because of 320,000-Record Data Breach
QRS, a healthcare technology services firm and EHR vendor in Tennessee, is confronted with a class-action lawsuit related to a cyberattack in August 2021 that…
About 30 Healthcare Companies Impacted by CIOX Health Security Breach
The health data management services provider CIOX Health suffered a data breach that has impacted a minimum of 32 healthcare companies. Last July 2021, CIOX…
About 80,000 Patients Affected by Fertility Centers of Illinois Cyberattack
Fertility Centers of Illinois (FCI) has just informed 79,943 existing and former patients regarding unauthorized individuals that may have viewed or obtained some of their…
Patient Records Stolen in a Cyberattack on the Medical Review Institute of America
The Medical Review Institute of America (MRoiA) encountered an alleged ransomware attack in November 2021 that resulted in the theft of sensitive patient data. MRoiA…
New Data Shows Magnitude of Ransomware Attacks on the Healthcare Industry
The CyberPeace Institute has published new information on cyberattacks in the healthcare sector. As per the most current stats, 295 cyberattacks are identified to have…
About 50,000 Health Plan Members Impacted by Broward County Public Schools Ransomware Attack
In March 2021, Broward County Public Schools located in Florida suffered a ransomware attack resulting in the encryption of its data files. Based on the…
Four Indicted For Conspiracy Following $37 Million Telehealth Fraud Scheme
Four people – David Woroboff of Del Rey, California, George Willard of Brooklyn, Michigan, Randall Mills of Plano, Texas, and Dr. Le Thu, a licensed…
Sound Generations Encounters Two Ransomware Attacks Impacting More Than 100,000 Persons
Sound Generations based in Seattle, WA, has reported that unauthorized people have acquired access to its internal networks and have utilized ransomware for file encryption….
One Community Health Patients Alerted Concerning a Cyberattack and Data Theft in April 2021
One Community Health located in Sacramento, CA has lately informed patients about the compromise of its systems from April 19 to April 20, 2021. It…
Higher Risk of Cyber and Ransomware Attacks During Thanksgiving Break
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have informed businesses in the U.S. concerning the higher risk of…
Security Breaches Reported by Lakeshore Bone & Joint Institute and Putnam County Memorial Hospital
Lakeshore Bone & Joint Institute, an Orthopedic practice located in Indiana, has suffered a breach that impacted its Microsoft Office 365 account, including email messages…
PHI Potentially Exposed in Hacking Incidents at Three Healthcare Companies
Prairie Lakes Healthcare System Hacked Prairie Lakes Healthcare System located in Watertown, S.D. has discovered that an unauthorized man or woman has obtained access to…
Family of Woodstock and Viverant Suffer Cyberattacks
Family of Woodstock (FOW), a New York company providing crisis intervention, information, protection, and support solutions, has encountered a cyberattack that caused the potential exposure…
Medical AI Database That Contain Over 800 Million Records Exposed On the Internet
Security researcher Jeremiah Fowler and Website Planet discovered an unsecured database owned by Deep6.ai, an American medical AI platform provider. The database comprised over 800…
Data Breaches Encountered by PracticeMax and UMass Memorial Health
Health plan members of Anthem who have End-Stage Kidney Disease and are registered in the VillageHealth program were informed regarding the possible exposure of some…
Fight the Phish! this Cybersecurity Awareness Month
Based on the Verizon Data Breach Investigations Report, 80% of all reported cyberattacks in 2019 are caused by phishing and from the start of the…
Around 54,000 Patients Affected by Ransomware Attack at OSF HealthCare
The not-for-profit Catholic health system located in Peoria, IL, OSF HealthCare, began informing 53,907 patients regarding a cyberattack that was uncovered on April 23, 2021….
20% of Healthcare Providers Report Higher Patient Mortality Following a Ransomware Attack
Although there were no reported incidents of death of American patients as a direct consequence of a ransomware attack, new research indicates an increase in…
Healthcare Companies Face Legal and Technological Difficulties Reaching CCPA Compliance
Healthcare companies that must abide by the California Consumer Privacy Act (CCPA) are dealing with difficulties reaching compliance, based on a new study publicized in…
Security Standards For Digital Health Apps And Devices Highlighted By FTC
The Federal Trade Commission (FTC) has announced a policy statement confirming that health apps and connected devices that collect or use health information must abide…
Jackson Health Looks into Social Media HIPAA Violation That Involve a Nurse
Jackson Health has begun looking into a patient privacy violation case after a nurse posted images on Facebook of a baby that has a birth…
Researchers Use Digital Health Wearables To Identify Pandemic-Induced Stress In Healthcare Professionals
Researchers at Mount Sinai conducted a study using wearable devices to examine the physiological effects on healthcare workers during the COVID-19 pandemic. Results showed that…
New Grant Aims To Help Develop A Medical Device To Stop Epileptic Seizures
Nuri Firat Ince, an associate professor of biomedical engineering at the University of Houston, has been awarded a $3.7 million BRAIN initiative grant from the…
Increased Risk of Ransomware Attacks over Labor Day Weekend According to FBI & CISA
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a notice to all public and private sector establishments…
12,000 Patients Impacted by Revere Health Phishing Attack
The U.S. Agency for International Development (USAID) had been impersonated in a phishing attack that has ended in the breach of the protected health information…
PHI of 47,000 People Potentially Affected in Electromed Inc. Data Breach
Electromed Inc. based in New Prague, MN, is a developer and maker of airway clearance devices. It has reported a security breach that occurred in…
Email Account Breaches Reported by A2Z Diagnostics and Vision for Hope
A2Z Diagnostics, a specialist diagnostic testing laboratory in New Jersey, has begun alerting patients about the inclusion of some of their protected health information (PHI)…
PHI Likely Exposed in Eye Center and Law Company Ransomware Attacks
Francisco J. Pabalan MD of Pabalan Eye Center based in Riverside, CA has said a ransomware attack has impacted approximately 50,000 patients. The center found…
Overlake Hospital Medical Center Offers Settlement to Take Care of the Data Breach Case
Overlake Hospital Medical Center in Bellevue, WA has offered a settlement to take care of a class-action lawsuit it is facing. Victims of a breach…
Email Security Breaches Reported by MultiPlan and Hawaii Independent Physicians Association
The medical payment billing service company MultiPlan had reported a breach of its email system. On January 27, 2021, suspicious activity was discovered in the…
Man From Texas Sentenced to 48 Months Imprisonment for Crime Concerning Theft of Electronic Health Records
A man from Texas was sentenced to 48 months imprisonment right after pleading guilty to one count of conspiracy to acquire data from a protected…
Dominion National Offers $2 Million as Settlement for Class Action Lawsuit
Dominion National in Virginia, an insurance provider, a health plan manager, and a dental and vision benefits manager, has consented to resolve a class-action lawsuit…
Information Breaches at San Juan Regional Medical Center, Springfield Psychological And Coastal Medical Group
San Juan Regional Medical Center has lately informed thousands of its patients regarding a security breach that took place in the fall of 2020. The…
Federal Judge Dismissed Houston Hospital Employees’ Lawsuit over Vaccine Mandate
Many U.S. employers have put in place a policy that calls for their workers to be vaccinated against COVID-19, which includes a number of big…
Vulnerabilities Discovered in Hillrom Medical Device Management Tools
Hillrom medical device management tools had been discovered to have two medium severity vulnerabilities that could cause the leakage of sensitive information, corruption of information,…
The National Institute Of Standards And Technology Releases Advice For First Responders On How To Use Biometric Authentication On Mobile devices
A new report from the National Institute of Standards and Technology (NIST) has highlighted the use of biometric authentication on mobile devices to enable quick…
Critical Vulnerabilities Discovered in MesaLabs Lab Temperature Monitoring System
Stephen Yackey of Securifera discovered five vulnerabilities in the AmegaView continuous monitoring system of MesaLabs, which is employed in hospital labs, forensics laboratories, and biotech…
Michigan Guy Pleads Guilty to Stealing And Selling of PII of UPMC Staff
A Michigan male has confessed to hacking into the human resource data storage of the University of Pittsburgh Medical Center from 2013 to 2014 and…
Data Breaches at Woodholme Gastroenterology Associates and SEIU 775 Benefits Group in Washington and an Identity Theft Case
SEIU 775 Benefits Group in Washington has informed around 140,000 of its members regarding the exposure of some of their protected health information (PHI). Around…
Pennsylvania Department of Health and Insight Global Sued over 72,000-Record Data Breach
The Pennsylvania Department of Health along with its COVID-19 contact tracing vendor are being sued due to a breach of the personal and health information…
Lawmakers Want the Breach of the Contact Tracing Information of 72,000 Pennsylvanians Reviewed
Lawmakers in the Commonwealth of Pennsylvania are asking for a data breach to be investigated. The incident pertains to the contact tracing information of 72,000…
Guidelines for Network Defenders to Discover and Prevent Russian Cyber Operations
A joint cybersecurity notice was given by the Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security…
Data Breaches at Total Health Care Inc and Harrington Physician Services
Total Health Care Inc., a health plan based in Detroit, MI, found out that unauthorized people have acquired access to a number of staff email…
Implementation of the HHS Information Blocking and Interoperability Regulations
The new information blocking and interoperability rules created by the Department of Health and Human Services included in the 21st Century Cures Act became effective…
Email Security Breaches at Orthopaedics Practice, Administrative Advantage, and Parkland Health and Hospital System
The Centers for Advanced Orthopaedics located in Maryland, Washington DC, and Virginia found out that unauthorized persons got access to the email accounts of several…
PHI Exposed Due to Ransomware Attacks on the University of Miami Health and Mott Community College
A ransomware attack on Accellion, a file transfer service company, permitted unauthorized individuals to access the protected health information (PHI) of University of Miami Health…
Class Action Lawsuit Filed Against UPMC and Charles Hilton and Associates
University of Pittsburgh Medical Center (UPMC) and the Charles Hilton and Associates law company are confronting a class action lawsuit due to a breach of…
NY Nurse Pleads Guilty to Consumer Product Tampering in HIPAA Case
A former nurse at Roswell Park Comprehensive Cancer Center admitted to a crime of tampering with a consumer item in a case that involves fraudulence…
FTC Urged to Implement Breach Notification Rule Whenever Fertility Tracking Apps Share User Information With no Authorization
On March 4, 2021, Senator Robert Menendez (D-New Jersey), and Reps. Mikie Sherrill (D-New Jersey) and Bonnie Watson Coleman (D-New Jersey) authored a letter recommending…
Microsoft Launches Patches for Four Actively Exploited Vulnerabilities in Microsoft Exchange Server
Microsoft has introduced out-of-band security changes to deal with the four zero-day Microsoft Exchange Server vulnerabilities which a Chinese Advanced Persistent Threat (APT) group identified…
Facts About Healthcare Industry Cyber Threats and the Supply Chain Helping Criminal Activity
All through the pandemic, cybercriminals took advantage of new opportunities and have been attacking hospitals, medical clinics, and other companies and organizations on the front…
Lawmakers In Washington State Consider Establishing Guidelines For Audio-Only Telehealth
State Rep. Marcus Riccelli’s HB 1196, which sets specific guidelines for use and coverage of audio-only telehealth platforms such as the phone, has been met…
Impermissible Disclosure of the PHI at Campbell County Health and UT Southwestern Medical Center
A Campbell County Health (CCH) employee made an email error that resulted in the impermissible disclosure of the protected health information (PHI) of 900 people….
Hospital Researcher Jailed for Stealing and Selling Research Data to China
A female who was employed in a medical research laboratory at the Nationwide Children’s Hospital in Columbus, OH was sent to jail for theft of…
Global Law Enforcement Action Interferes with NetWalker Ransomware Activities
The U.S. Department of Justice (DOJ) issued an announcement about the seizure of a dark web website utilized by the NetWalker ransomware gang in connection…
RAND Survey Shows Benefits Of Incorporating Audio-Only Phones In Telehealth Services
A RAND study of telehealth traffic at federally qualified health centers in California serving low-income residents found that almost half of all primary care visits…
Rady Children’s Hospital Confronted With Class Action Lawsuit as a Result of the Blackbaud Ransomware Attack
In May 2020, the cloud software corporation Blackbaud encountered a ransomware attack. As is typical in human-operated ransomware attacks, the attackers exfiltrated files before file…
M.D. Anderson Cancer Center’s $4.3 Million HIPAA Penalty Revoked on Appeal
The U.S. Court of Appeals for the Fifth Circuit has reversed the $4,348,000 HIPAA violation charges enforced by the Department of Health and Human Services’…
HITECH Act Amendment To Provide Cybersecurity Safe Harbor Signed into Law
On January 5, 2020, President Trump signed a bill (HR 7898) that makes changes to the Health Information Technology for Economic and Clinical Health Act…
Hidden Backdoor Found in 100,000 Zyxel Products
A vulnerability was found in Zyxel devices such as firewalls, VPN gateways, and access point (AP) controllers that hackers may take advantage of to get…
CISA Introduces Website About the SolarWinds Supply Chain Compromise and Free Tool to Detect Malicious Activity
The DHS’ Cybersecurity and infrastructure Security Agency has published a website with resources concerning the recent activities of the advanced persistent threat (APT) group liable…
19th HIPAA Penalty of 2020 Issued by OCR
The Department of Health and Human Services’ Office for Civil Rights (OCR) has arrived at a settlement deal with Peter Wrobel, M.D., P.C., dba Elite…
Seasonal Staff Sentenced to 42-Months In Jail for Theft of Information from Healthcare.Gov Database
A seasonal staff at a tech firm in Virginia got sentenced to 42 months imprisonment for accessing patient files, theft of personally identifiable information (PII),…
Rave Mobile Safety Introduces COVID-19 Vaccine Distribution Solution
Rave Mobile Safety has introduced a COVID-19 Vaccine Distribution Solution that will make it possible for public health agencies to determine who should receive priority…
University of Minnesota Physicians and McLeod Health Encounters Email Account Breaches
University of Minnesota Physicians lately encountered a phishing attack that made it possible for unauthorized persons to get access to two employees’ email accounts. One…
Phishing Incidents Reported by Connecticut Department of Social Services, Mercy Iowa City, and LSU Care Services
Connecticut Department of Social Services (DSS) sent a notification about a potential breach of the protected health information (PHI) of 37,000 persons due to several…
ASPR Gives Update on Ransomware Activities in the Healthcare Sector
The HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) has released a recent advisory on ransomware activity that targets the healthcare and…
PHI Incidents at Northwest Eye Surgeons and Sight Partners, DJO, LLC and Lawrence General Hospital
Server Breach Impacts Patients of Northwest Eye Surgeons and Sight Partners Northwest Eye Surgeons LLC and Sight Partners LLC began informing 20,838 patients regarding the…
Failure of New Haven, CT to Remove Past Employee’s Access Rights Led to $202,000 HIPAA Fine
The City of New Haven, Connecticut has made the decision to resolve its HIPAA violation case with the Department of Health and Human Services’ Office…
FDA Okays Tool for Determining Medical Device Vulnerability Scores
MITRE Corporation created a new rubric for determining Common Vulnerability Scoring System (CVSS) scores of medical device vulnerabilities and it has passed the FDA’s scrutiny….
Exposed Broadvoice Databases Contained 350 Million Records, Including Health Information
Comparitech security researcher Bob Diachenko has found an open group of databases that belong to the Voice over IP (VoIP) telecommunications merchant Broadvoice. The records…
Study Finds Telehealth Highly Effective In Treating Diabetic Foot Ulcers
A recent study published in BMJ Open Diabetes Research & Care by Kaiser Permanente has revealed that a telehealth platform, which enables health care providers…
CISA/FBI Advisory on APT Groups Chaining Legacy Vulnerabilities Along with Netlogon Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory about sophisticated advanced persistent threat groups sequencing…
CISA Publishes Advisory Due to Greater Emotet Malware Attacks
Subsequent to a time period of dormancy between February 2020 and July 2020, the Emotet botnet jumped back again and began spam runs circulating the…
Universal Health Services IT Systems Across the United States Shutdown Due to Ransomware Attack
Universal Health Services (UHS) based in King of Prussia, PA has encountered a major security breach that led to the unavailability of its IT systems….
A Dark Overlord Hacking Group Member Sentenced to 5 Years Imprisonment
The U.S. Department of Justice issued an advisory that an associate of the well known hacking group, The Dark Overlord, obtained his sentence to 5…
CISA Gives Alert of Continuing Attacks by Chinese Hacking Groups Aimed Towards F5, Pulse Secure, Citrix, and MS Exchange Vulnerabilities
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released a security warning that hackers associated with China’s Ministry of State Security…
Resources to Enable Healthcare Companies Boost Resilience Against Insider Threats
The National Insider Threat Awareness Month (NITAM) is being celebrated this September 2020 for the second year. All through the month, resources will be offered…
Recommended Procedures to Prevent PHI Exposure in Online Medical Presentations
An advisory issued by the American College Of Radiology, the Society For Imaging Informatics In Medicine, and the Radiological Society of North America highlight a…
Study Shows Increase in Credential Theft Through Spoofed Login Pages
IRONSCALES new research showed a substantial spike in credential theft utilizing spoofed websites. In the first half of 2020, the researchers discovered and reviewed bogus…
About 10,000 Patients Affected by Beaumont Health and The Connection, Inc. Phishing Attacks
Beaumont Health, the leading healthcare system located in Michigan, began notifying 6,000 patients about the potential access of their protected health information (PHI) by unauthorized…
House of Representatives Approves the Lift on the Ban to Create HHS National Patient Identifier System
The House of Representatives voted to remove the restriction on the Department of Health and Human Services to use federal funds for creating a national…
PHI of Consumers Compromised in Theft Incidents at Cub Pharmacies
A pharmacy chain reported that looters stole the protected health information (PHI) of some of its clients at the end of May at the time…