In the largest HIPAA settlement to date, federal regulators have smacked Chicago-based Advocate Health Care with a $5.5 million fine in the wake of an investigation into three 2013 breaches. The settlement is HHS's tenth HIPAA enforcement action this year.
Arizona-based Banner Health, which operates 29 hospitals, says it's notifying 3.7 million individuals that their data was exposed in a "sophisticated cyberattack." An initial attack against payment card processing systems apparently opened the door to the attackers accessing healthcare data.
A new survey shows 82 percent of organizations around the world are struggling with a shortage of staff with cybersecurity skills. Training expert Simone Petrella analyzes the survey results and spotlights the skills needed now to fight emerging cyber threats.
Imagine the security implications of a world in which millions of people have a physical impairment that leaves them internet-connected. Say hello to the promise - and peril - of internet-connected hearing aids, says Global Cyber Alliance's Phil Reitinger.
Russia, which some have blamed for attacks against the Democratic Party in the U.S., has offered a detailed description of coordinated cyberattacks against its scientific, public authority and military institutions. Is the announcement a tit-for-tat move after the charges of Russian involvement in U.S. hacks?
While hackers and ransomware attacks have been hogging the spotlight lately, regulators are warning healthcare entities and their business associates not to underestimate the serious security and privacy threats that insiders can pose.
HHS will issue up $1.75 million in grants to give a boost to one organization that will take a lead role in cyber threat information sharing. A top priority of the ramped-up effort to help fight cyberattacks in the healthcare sector is to keep smaller organizations better informed of the latest risks.
The breach of an offshore account owned by Union Bank of India is raising new questions about the security of interbank payments, which often rely on antiquated backend verification processes that fraudsters seem to be compromising with relative ease.
As a report surfaced July 29 that the campaign of presidential nominee Hillary Clinton was hacked, the Democratic Congressional Campaign Committee confirmed that it was breached shortly after the Democratic National Committee announced that it, too, had been hacked.
The Federal Trade Commission has overturned a decision made last fall by its own administrative law judge to dismiss the longstanding data security enforcement case against the now-shuttered medical testing laboratory LabMD. Company CEO Michael Daugherty plans to appeal.
Ransomware gangs are employing "customer service" agents to field victims' queries in an attempt to maximize their illicit profits, according to security firm F-Secure, which describes the encounters of someone posing as a victim.
Scuffles between anti-virus software vendors have stepped up a notch, with startups and industry stalwarts slinging mud at each other. Cylance now says it plans to make its product available for tests used to benchmark security software.
New federal guidance that describes processes in the current round of HIPAA compliance audits - which could lay the foundation for future rounds of audits - illustrates the massive amount of documentation demanded for these "desk audits."
CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.