The British data regulator is set to analyze the privacy implications of processing scraped data used for training generative artificial intelligence algorithms. The Information Commissioner's Office is soliciting comments from AI developers, legal experts and other industry stakeholders.
A North Carolina healthcare system has agreed to pay $6.6 million to settle a consolidated class action lawsuit involving its use of tracking tools in its websites and patient portals. The suit alleges the website trackers sent sensitive patient information to third parties without their consent.
Robert Blumofe, executive vice president and CTO at Akamai, expects social engineering, phishing, extortion and AI-driven attacks to dominate the threat landscape. He advised enterprises to use FIDO2-based MFA, zero trust, microsegmentation and API security to reduce risks.
Estimates of the number of devices affected by a duo of zero-days in a popular corporate VPN made by software developer Ivanti have skyrocketed from fewer than 10 to over 1,700. The flaws affect the firm's Connect Secure VPN appliance, formerly known as Pulse Secure, and Ivanti Policy Secure.
A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal maneuver to force the storage firm to return data the cybercriminals had stashed on the vendor's servers.
A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems offline. The cybercriminal gang Rhysida had claimed responsibility for the assault.
The Department of Defense released a 60-page strategy that aims to modernize the defense industrial ecosystem and focuses on four long-term strategic priorities: improving supply chain resilience, enhancing workforce readiness, streamlining acquisitions and refining economic deterrence measures.
A Chinese state hacking group is attacking superseded Cisco routers to target government entities in the United States, the United Kingdom and Australia. Beijing cyberespionage hackers dubbed "Volt Typhoon" are using vulnerabilities that were first disclosed in early 2019.
A fertility testing laboratory has agreed to improve its data security practices and pay up to $1.25 million to settle a consolidated class action lawsuit filed in the wake of a 2021 ransomware attack that compromised sensitive health information of about 350,000 patients.
Remote third-party access is a particular problem in OT environments compared to IT environments, since OT often uses older legacy systems with longer replacement cycles. Nicolas Moskal provides a demonstration of practical solutions to overcome these challenges.
The SASE marketplace has evolved significantly since it first emerged in 2019, and enterprises today can see the stark differences between piecemeal and integrated solutions. Kumar Ramachandran of Palo Alto Networks and Ganesh Devarajan of Accenture talk about the power of platform and services.
Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.
Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.
The European Union adopted regulations on cyber hygiene intended to beef up cybersecurity at EU government agencies amid concerns that trading bloc institutions have failed to keep pace with mounting digital threats. European agencies lack "cyber preparedness commensurate with the threat."
Cybercriminals are extorting some patients and threatening them with swatting in the wake of a recent cyberattack on a Seattle cancer center. The incident, stemming from a Citrix Bleed exploit, has triggered multiple lawsuits and affected the personal data of at least 1 million people.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.