The American Osteopathic Association has just begun notifying nearly 28,000 individuals about a June 2020 data exfiltration incident involving their personal information. The medical professional organization says workforce challenges during the pandemic led to the notification delay.
In 2020, reports indicated that cyberattacks on the healthcare industry more than doubled from 2019, with
ransomware accounting for 28 percent of all attacks. Unlike previous attacks focused
primarily on providers, the COVID-19 pandemic
exposed vulnerabilities in the entire healthcare sector.
Four federal agencies have been awarded $311 million to bolster the U.S. government's cyber defenses and address IT modernization challenges, according to the interagency board of the Technology Modernization Fund, a federal funding source, which made the announcement Thursday.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
California is extending a waiver that was set to expire this week. Similar to action taken by federal regulators, the extended California waiver relaxes enforcement of certain privacy and security regulations related to healthcare providers that offer telehealth services.
The Department of Health and Human Services has named Lisa J. Pino - a former Department of Homeland Security official charged with mitigating the massive 2015 cyberattack on Office of Personnel Management - as the new director of its HIPAA enforcement agency.
The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.
Organizations are asking more of IT, legal and compliance teams than ever before. They need to manage more data—from more data sources. They must comply with more e-discovery requests. And they're expected to do it all more efficiently. ESG explores these trends in detail in a wide-ranging survey of more than 500...
Tammy Klotz took on a new job at a new company and even in a new state in 2020 - and she was charged with both establishing herself and raising the firm's cybersecurity posture. No challenge during a global pandemic, right? Here is how she has begun to pave her way.
A recently patched flaw in a mobile app allowing N.Y. residents to acquire and store a COVID-19 vaccine credential did not validate user input properly and stored forged verifications, according to security researchers. Experts say similar flaws could have dire consequences.
Bobby Ford of Hewlett Packard Enterprise says that too often when an organization engages with security, it happens in an ad hoc way. He describes his mission to create a Cybersecurity Center of Excellence to streamline the organization's security incident management and response processes.
Researchers say a pro-China influence operation leveraging a network of fake social media accounts has expanded, promoting in-person protests and narratives around COVID-19 and U.S. domestic policy, according to Mandiant, which does not definitively attribute the activity to the Chinese government.
The personal data of at least 1.3 million Indonesian residents, stored on two government-developed COVID-19 tracking apps, PeduliLindungi and eHAC, has been leaked online, according to security researchers. President Joko Widodo is among those affected.
An Australian software engineer warns that he was able to create a fake digital COVID-19 vaccine certificate via the government's Express Medicare Plus app, and that the agency in charge has so far failed to acknowledge his bug report. He recommends Australia instead copy the EU's QR code system.
As the last U.S. military flight lifted off Tuesday evening from the airport in Kabul, Afghanistan, what's been left behind reportedly includes a vast trove of biometric data that could be used to identify - including for interrogation or execution - individuals who assisted the occupying NATO forces.