Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 9 most recent headlines Filtered view
Bank Info Security 10 months, 3 weeks ago

Rural Health System in Michigan Notifying 140,000 of Hack

Threat Actors Accessed, Stole Data for About 2 Months; BianLian Claims CreditA health system in rural Michigan is notifying nearly 140,000 people that their information was potentially compromised in a data theft incident occurring between November 2024 and January 2025. Cybercriminal gang BianLian lists Aspire Rural Health System as a victim on its dark website.

Bank Info Security 10 months, 3 weeks ago

Nuance Agrees to Pay $8.5M to Settle MOVEit Hack Litigation

Settlement Is Latest Among Scores of Other MOVEit Lawsuits Still PendingNuance Communications, a Microsoft subsidiary, has agreed to pay $8.5 million to settle class action litigation filed after hackers exploited a zero-day flaw in Progress Software's MOVEit file transfer software in 2023, stealing data belonging to more than a dozen of Nuance's healthcare clients.

Bank Info Security 10 months, 3 weeks ago

Breach Roundup: Scattered Spider Hacker Gets 10 Years

Also: New 'Quishing' Tactics, Pro-Houthi Hacker Sentenced to 20 MonthsThis week, a Scattered Spider hacker sentenced, new squishing tricks, a pro-Houthi hacker gets 20 months in the United Kingdom, a Taiwanese web hosting provider hacked, the Business Council of New York and Ohio Medical Cannabis Center breached, North Korean hackers target Seoul and an Apple Patch.

Bank Info Security 10 months, 4 weeks ago

Why Do HIPAA Risk Analyses Miss the Mark So Often?

Common Weaknesses Healthcare Providers Must Overcome to Avoid Regulators' WrathRegulators have long pushed HIPAA-regulated providers to ensure their enterprise-wide security risk analysis is comprehensive and timely, so they can identify security issues before they become data breaches. Why do so many organizations struggle with this top HIPAA priority?

Bank Info Security 10 months, 4 weeks ago

Accounting Firm Pays Feds $175K for HIPAA Ransomware Breach

Settlement Includes Corrective Action Plan Focused on Improving Risk AnalysisAn investigation into a ransomware breach reported in 2020 as affecting the protected personal information of 170,000 people led to a $175,000 fine against a certified public accounting and consulting firm. Regulators also required the company to implement a corrective action plan in the settlement.

The Hacker News 11 months ago

Wazuh for Regulatory Compliance

Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government contracting, or education. Some of these standards and frameworks include, but are not limited to: