Although cyberattacks on medical devices that could potentially harm patients so far have only been demonstrated in lab settings, there have been actual cases involving the hacking of devices to gain access to patient data, says ethical hacker Stephanie Domas.
A class action lawsuit against telehealth software vendor MDLive shines a spotlight on regulatory gaps and other murky privacy and security issues related to the growing use of consumer health applications.
Medical device manufacturers and healthcare entities should take five key cyber-related steps to help ensure patient safety, says Beau Woods of the grassroots cyber-safety advocacy group, I Am the Cavalry.
NIST's proposed update to its cybersecurity framework needs to better address specific concerns of the healthcare sector, say some industry groups commenting on the recently released draft. So, what are they asking NIST to do?
Collaboration between medical device manufacturers and ethical hackers who discover vulnerabilities is getting better, but there's still plenty of room for improvement, says Bill Aerts, the former global privacy and security officer of Medtronic.
Recent settlements between New York State's attorney general office and three mobile app vendors for misleading privacy and marketing practices could have implications for other developers, especially if other states follow suit with their own enforcement actions, some legal experts say.
Some medical devices, smartphones and internet of things gadgets contain certain types of sensors that are vulnerable to potential hacking using sound waves, says cybersecurity researcher Kevin Fu, who calls on manufacturers to address the risks.
With ransomware attackers having already launched attack code with themes ranging from horror movies and Pokemon to Hitler to cats, it was only a matter of time before they decided to beam Star Trek's Kirk and Spock direct to would-be victims' PCs.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
The Trump administration has called for trimming the budget for the Department of Health and Human Services by 18 percent. But what do we know so far about proposed funding for HHS initiatives designed to help ensure health data security and privacy?
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.