Kaiser Permanente: Data breach may impact 13.4 million patients
Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. [...]
Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.
Search across headline titles and summaries.
Background for this topic.
An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.
Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.
Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. [...]
Incident Involves Health Plans' Prior Use of Online Tech in Websites, Mobile AppsKaiser Foundation Health Plan has reported to regulators a health data breach affecting 13.4 million people stemming from the previous use of web trackers. Aside from reports expected from the Change Healthcare mega hack, the incident is the largest health data breach reported so far in 2024.
Experts Advise Health Sector to Take Steps as UnitedHealth Group Cleans Up MessUnitedHealth Group's admission that information for "a substantial portion" of the American population was compromised in its Change Healthcare cyberattack sets into motion the likelihood the incident will become the largest health data breach ever reported in U.S. What other details are emerging?
State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.
City council says it lost control after shutting down systems It's become somewhat cliché in cybersecurity reporting to speculate whether an organization will have the resources to "keep the lights on" after an attack. But the opposite turns out to be true with Leicester City Council following its March ransomware incident.…