Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 13 most recent headlines Filtered view
Bank Info Security 3 months, 3 weeks ago

FBI Seizes Iranian Online Leak Sites After Stryker Hack

New Handala Site Is Also AvailableU.S. federal agents seized four web domains associated with Iranian hacking operations days after a threat actor going by Handala posted screenshots it said came from inside the IT systems of medical device manufacturer Stryker. The registrars used to create them are located in the United States.

Bank Info Security 3 months, 3 weeks ago

ISMG Editors: Stryker Attack Hits Healthcare Supply Chain

Also: CISA Protocol Concerns, AI Agents Push Past Cybersecurity ControlsIn this week's panel, four ISMG editors unpacked the cyber dimensions of the Stryker attack amid the escalating Iran-Israel-U.S. tensions, the growing controversy around CISA leadership and alleged protocol breaches, and a new set of concerns related to AI agents bypassing security controls.

Bank Info Security 3 months, 3 weeks ago

Texas Gov. Orders State Review of Chinese-Made Medtech

Contec and Epsimed Monitors Containing 'Backdoors' Are at the Center of OrderTexas Gov. Abbott has ordered agencies to review foreign-made connected medical devices - especially those from Chinese manufacturers - used in state-owned facilities for cybersecurity issues that could pose security and privacy risks to patients and healthcare infrastructure.

Bank Info Security 3 months, 4 weeks ago

FDA Issues Recall for Some GE Imaging Products Due to Cyber

Vulnerability Affects Certain Centricity Medical Imaging ProductsThe U.S. Food and Drug Administration has issued a recall notice for certain GE Healthcare Centricity medical imaging products due to a "potential" cybersecurity vulnerability that could allow a hacker to manipulate data or impact availability of the affected products.

Bank Info Security 3 months, 4 weeks ago

Worker Benefits Administrator Notifying 2.7M of Hack

Navia Benefit Solutions Says Potential Data Theft Took Place Over 3-Week PeriodA Washington-state based employee benefits administrator is notifying nearly 2.7 million individuals that their information, including health plan and personal details such as Social Security numbers, was potentially stolen in a hacking incident discovered in January.

Bank Info Security 3 months, 4 weeks ago

Microsoft Intune MDM Gains Notoriety After Stryker Hack

Properly Configured Mobile Development Management Tools Can't Wipe Personal DataMobile device management software is having a moment of notoriety after Iran-aligned hacking group Handala used Microsoft Intune to wipe the mobile devices of employees at medical device manufacture Stryker. Tens of thousands of personal devices were likely affected.

Epic v. Health Gorilla Lawsuit Spurs New Claims Over Alleged Patient Records MisuseA telehealth firm has admitted that it gained access to patient medical records via a health information exchange network under the guise of treatment purposes when it actually provided the records to law firms. But the legal dispute involving Epic and Health Gorilla is growing more complicated.

SCION: Proven in banking and healthcare, slow to spread everywhere else Feature BGP, the Border Gateway Protocol, was not designed to be secure. It was designed to work – to route packets between the thousands of autonomous systems that make up the internet, quickly and at scale.…

Medical Device Manufacturer Hack Was Likely OpportunisticAn Iranian cyberattack on medical device maker Stryker's internal IT environment does not appear to affect connected products used by the company's healthcare clients. But an outage of Stryker's electronic ordering system could lead to supply chain issues for its customers.