Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 14 most recent headlines Filtered view
Bank Info Security 1 year, 4 months ago

Change Healthcare's Mega Attack: 1 Year Later

Ransomware Attack Taught Lessons on Health Sector Resiliency, Vendor RedundancyIt's been one year since hackers attacked IT services provider Change Healthcare, quickly shutting down critical processes for thousands healthcare entities, triggering a data breach affecting 190 million people. So what top lessons are emerging from that massive disruption and data compromise?

Credential-Stuffing Breaches Affected Nearly 200,000 Warby Parker CustomersFederal regulators have levied a $1.5 million HIPAA civil monetary penalty against eyeglass maker and retailer Warby Parker over credential-stuffing hacks that affected about 200,000 people. The HIPAA enforcement action is the first disclosed in the second Trump administration.

It's critical for healthcare providers that offer telehealth and remote patient monitoring services to incorporate these systems into their organizational risk programs, including how they plan to address issues such as patch management from afar, said attorney Betsy Hodge of the law firm Akerman.

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases

2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Exclusive HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.…

Bank Info Security 1 year, 4 months ago

Career Spotlight: Cloud Security Specialist

Demand for Cloud Security Skills Is Growing, Offering Good Pay and New ChallengesCloud services support a wide range of applications from finance to healthcare systems and have become prime targets for cybercriminals, making cloud security a major concern for cybersecurity organizations. The need to secure the cloud is driving demand for skilled cloud security specialists.

DOJ Says Contractor Falsely Claimed to Meet Critical Cyber RequirementsA military health benefits administrator has agreed to pay $11.2 million to settle allegations that the company falsely certified compliance with cybersecurity requirements - including patch management - for three years in a contract with the U.S. Department of Defense.

If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help An alleged security SNAFU that occurred during the Obama administration has finally been settled under the second Trump administration.…

Bank Info Security 1 year, 4 months ago

Clinical Trial Database Exposes 1.6M Records to Web

Researcher Says Firm Failed to Secure Sensitive Health Data From Survey FormsAn unsecured database containing 2 terabytes of data allegedly exposed more than 1.6 million clinical research records to the internet, including sensitive personal and medical information of patients, said the security researcher who discovered the lapse. Why does this keep happening?