Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 15 most recent headlines Filtered view

82 Longstanding Recommendations on Data Protection, Security Still Not Acted UponThe U.S. Department of Health and Human Services has still not implemented 82 recommendations made in recent years involving "high risk" cybersecurity and IT management issues, said the Government Accountability Office in a new report directed at HHS' CIO and its various agency CIOs.

Recent advisories from U.S. federal authorities on vulnerabilities in certain operational technology devices underscore the potential security risks that many healthcare providers frequently underestimate, said Sila Özeren, a security research engineer at Picus Security.

Lawmaker Says Microsoft Lapses Led to Ascension Health's Major 2024 HackSen. Ron Wyden, D-Oregon, is urging the Federal Trade Commission to investigate Microsoft over the software giant's alleged "negligent cybersecurity," which he says contributed to ransomware attacks on critical infrastructure sector organizations, including last year's attack on Ascension Health.

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called "gross cybersecurity negligence" that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks

Ron Wyden urges FTC to probe failure to secure Windows after attackers used Kerberoasting to cripple Ascension Microsoft is back in the firing line after US Senator Ron Wyden accused Redmond of shipping "dangerous, insecure software" that helped cybercrooks cripple one of America's largest hospital networks.…

Bank Info Security 10 months, 1 week ago

Hand-Tool Maker Says Hack Compromised Medical Info

Breach Affecting 104,000 Underscores Health Data Risks for Non-Healthcare FirmsAn Ohio hand tool manufacturer that sells its products through franchises is notifying nearly 104,000 people of a breach potentially compromising their medical data. The incident is a cautionary tale for non-healthcare sector entities about the risks they face involving health information.

Bank Info Security 10 months, 1 week ago

NY Blood Center Says Data Was Stolen in January Attack

Nonprofit Is Among Several Blood Suppliers Hit by Cybercriminals Over the Past YearNew York Blood Center Enterprises said an undisclosed number of patients, employees and other individuals are potentially affected by a January cyberattack that compromised personal and health related information. The hack was among several attacks on blood suppliers over the past year.

Bank Info Security 10 months, 1 week ago

Georgia Hospital Notifying 163,000 of 2024 Ransomware Hack

Cybercrime Gang Monti Listed 84-Bed Rural Hospital Among Its Victims Last SummerA public Georgia community hospital is notifying more than 163,000 individuals that their sensitive health information was compromised in a June 2024 ransomware attack. The cybercriminal gang Monti on its dark website last summer claimed Wayne Memorial Hospital as one of its victims.