While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad Waqas of Armis.
A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago.
What does generative AI mean for security? In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for security. We also will see an outsized explosion in new attack surfaces. HackerOne can help you prepare your defenses.
A Florida hospital is notifying 1.2 million patients that their information was stolen by hackers in a cybersecurity incident that spanned for nearly three weeks in May as attackers tried to encrypt the entity's systems with ransomware. The hospital repelled the attack but couldn't stop the breach.
The U.S. Federal Trade Commission and the Department of Health and Human Services are jointly warning dozens of hospitals and telehealth providers of potential patient data privacy and cybersecurity violations involving the use of online tracking technologies.
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Resilience, not just compliance, is becoming healthcare's primary goal in managing cyber risk. Moving to a more resilient state requires continuous cyber risk management, which requires knowing how an adversary thinks and attacks to ensure that the appropriate safeguards are in place.
Federal regulators and medical device maker Becton, Dickinson and Co. are warning about eight vulnerabilities that could allow an attacker to compromise BD's medication infusion product suite, potentially putting data and device integrity at risk if exploited.
Plaintiffs filed the first of what will likely be many more proposed class action lawsuits against HCA Healthcare just two days after the hospital chain publicly disclosed a hacking incident involving the posting of information for potentially 11 million patients on a dark web forum.
API security platforms have become an essential part of any organization's cybersecurity strategy, but with so many options available, it can be difficult to know how to choose the right one. In this article, we'll discuss how to evaluate API security platforms and what factors to consider.
Johns Hopkins University and its Johns Hopkins Health System are facing at least two proposed federal class action lawsuits filed in recent days following the institution's disclosure that it was among victims of the recent spate of hacks involving MOVEit file transfer software.
Traditional licensing models that lock organizations into fixed solutions or time periods are no longer ideal. Organizations need to consider usage-based licensing approaches that offer flexibility to deploy whatever solutions are required, wherever they are needed, for whatever length of time.
Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?
A ransomware attack in May that and compromised the sensitive information of 319,500 individuals, including addiction treatment center patient data, has so far generated three proposed federal class action lawsuits against the Pennsylvania real estate firm that owns the medical group.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.