Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 16 most recent headlines Filtered view
Bank Info Security 2 years, 5 months ago

Therapy Provider Notifying 4 Million Patients of PJ&A Hack

Concentra Health Services Joins List of Those Affected in Transcriber's Data BreachA Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.

Krebs on Security 2 years, 5 months ago

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia's most destructive ransomware groups, but little more is shared about the accused. Here's a closer look at the activities of Mr. Ermakov's alleged hacker handles.

Bank Info Security 2 years, 5 months ago

Feds Warn Healthcare Sector of ScreenConnect Threats

HHS: Compromise at Large Pharma Software and Services Firm Puts Entities at RiskFederal authorities are warning of attacks on healthcare sector firms that use ConnectWise's remote access tool ScreenConnect. Hackers compromised a locally hosted version of the tool used by a large national pharmacy supply chain and managed services provider in 2023.

Strengthening OT Security with HCLTech and MicrosoftIn an age reliant on operational technology, ensuring robust security for diverse industries is crucial. Join us as we discuss operational challenges, highlighting specific threats faced by businesses today. Explore how the powerful alliance between HCLTech and Microsoft empowers organizations to safeguard critical assets and enhance resilience against evolving threats. From understanding the evolving threat landscape to implementing comprehensive security measures, this session offers insights to fortify business operations against the dynamic backdrop of cybersecurity. We will discuss:

Bank Info Security 2 years, 5 months ago

Watching the Watchdog: Learning from HHS' Grant Payment Mess

Tight-Lipped Agency's Next Move in Wake of $7.5M Scam Could Be TellingRumors are swirling about how the Department of Health and Human Services lost about $7.5 million in grant payments through a series of cyberattacks last year, including speculation over whether the incidents involved sophisticated AI-augmented spear-phishing or more commonplace fraud schemes.

Bank Info Security 2 years, 5 months ago

HHS Details New Cyber Performance Goals for Health Sector

'Essential' and 'Enhanced' Best Practices Will Influence Upcoming Rule-MakingFederal regulators have released guidance that spells out voluntary cybersecurity performance goals for the healthcare sector. The document is a first step in fleshing out the Biden administration's strategy to push hospitals and other healthcare entities to adopt a stronger cybersecurity posture.

Bank Info Security 2 years, 5 months ago

Medical Lab Database Exposed 1.3M Records, COVID Test Info

Researcher Reported Configuration Issue to Cloud Vendor After Lab Failed to RespondAn unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results and other personal identifiable information, said a security researcher who discovered the trove and reported his findings to the company.

Bank Info Security 2 years, 5 months ago

Australia, US, UK Sanction Russian Over 2022 Medibank Breach

Governments Accuse Aleksandr Ermakov and REvil of Being Medibank HackersThe United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer. The attack was a high point in a wave of data breaches buffeting the country that year.

'Aleksandr Ermakov' isn't allowed down under after being linked to ten-million-record leak Australia's government has used the "significant cyber incidents" sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private.…

Bank Info Security 2 years, 5 months ago

Report: Hackers Scammed $7.5M From HHS Grant Payment System

Money Meant for Poor Communities Stolen as Authorities Issued Phishing Scam AlertsHackers have reportedly stolen about $7.5 million from a Department of Health and Human Services grant payment system in a series of cyberattacks last year. The news comes in the midst of HHS and other authorities warnings about rising threats involving social engineering and payment scams.

Bank Info Security 2 years, 5 months ago

Prosecutors Add to Evidence Against Alleged Vastaamo Hacker

Extortion Money Found in Bank Account of Aleksanteri Kivimaki, Prosecutors SayProsecutors trying the case of a Finnish national accused of attempting to extort tens of thousands of psychotherapy patients and of later posting therapy notes online said Monday that they have traced the cryptocurrency wallet used by the blackmailer to the accused man.

Bank Info Security 2 years, 5 months ago

Ransomware Hit on Tietoevry Causes IT Outages Across Sweden

Finnish IT Services Previews Days or Weeks of Disruption, Ties Attack to AkiraAn Akira ransomware attack that hit a data center run by Finnish IT software and services firm Tietoevry has led to widespread outages across Sweden. Healthcare, local governments, retail outlets and the country's largest cinema chain are among the organizations experiencing ongoing disruptions.