Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 years, 1 month ago

ISMG Editors: UnitedHealth Group's HIPAA Breach Fallout

Also: The End of an Era at Mandiant and Privacy and Ethics Concerns Related to LLMsIn the latest weekly update, ISMG editors discussed the implications of Kevin Mandia stepping down as Mandiant CEO; UnitedHealth Group's responsibility for a massive HIPAA breach at its subsidiary, Change Healthcare; and privacy concerns over large language models.

Bank Info Security 2 years, 1 month ago

LockBit Publishes Data Stolen in London Drugs Attack

Canadian Retail Pharmacy Chain Says It's Reviewing Exposed Data on Gang's Leak SiteLockBit has begun to leak on its dark web site files of data the Russian-speaking cybercriminal gang claims to have stolen in an April attack on London Drugs. The group had threatened to publish the exfiltrated data if the Canadian retail pharmacy chain does not pay a $25 million ransom demand.

Bank Info Security 2 years, 1 month ago

LockBit Demands $25M Ransom from Canadian Drug Store Chain

Threatens to Leak Stolen Data; Attack Temporarily Shut Down Retail Pharmacy StoresLockBit cybercriminals demanded a $25 million ransom from Canadian pharmacy retail chain London Drugs following an attack detected in late April that forced the company to temporarily close its 79 stores across western Canada for more than a week.

$4.5M slushed through accounts from state healthcare and lonely people Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million.…

Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.…

Bank Info Security 2 years, 1 month ago

100 Groups Urge Feds to Put UHG on Hook for Breach Notices

Medical Associations Ask HHS to Clarify HIPAA Duties in Change Healthcare HackMore than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible for breach notifications related to a massive February ransomware attack.

Attackers Are Targeting the Widely Used Mirth Connect Data Integration PlatformCyberattackers are actively exploiting a vulnerability in the NextGen Healthcare Mirth Connect product, an open-source data integration platform widely used by healthcare companies, said CISA in an alert Monday. The flaw, which allows remote code execution, has been known since October 2023.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

Bank Info Security 2 years, 1 month ago

HHS Warns Health Sector of Business Email Compromise Scams

Agency Spells Out Measures to Avoid Falling Victim to Costly SchemesHealthcare organizations should take steps to avoid falling victim to evolving threats involving costly business email compromise scams and related phishing schemes fueled by social engineering, warned the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center.

Bank Info Security 2 years, 1 month ago

HHS Funds $50M to Spot, Patch Hospital Vulnerabilities

Research Agency Soliciting 'Upgrade' Project Ideas to Help Boost Healthcare CyberThe highly targeted U.S. hospital sector could get a boost in avoiding cyberattacks with a $50 million investment by a federal research agency aimed at enhancing automation, vulnerability detection and remediation across a variety of devices in healthcare environments.