Cancer Patient’s Nude Photo Leak Cited in Data Breach Suit

A class-action lawsuit stemming from a February 2023 healthcare data breach in Pennsylvania further illustrates the need for an effective HIPAA compliance strategy, including data security and controls. The IT website The Register reported that medical records of at least two breast cancer patients containing above-the-waist nude photos were part of 75,000 patient records stolen by the BlackCat malware group. After Lehigh [...]

2023-03-23T15:16:38-04:00March 23rd, 2023|

Cybersecurity Response Plans and CIRCIA

In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This new law will likely trigger changes to the cybersecurity response plans of many organizations. While there is not currently a standard to enforce, healthcare providers and the companies that provide support services to them will be affected by this new law.  CIRCIA Background [...]

2022-11-17T17:03:29-05:00November 14th, 2022|

IBM Cost of a Data Breach Report 2022 Comes to Shocking Conclusion

Each year IBM works with Ponemon Institute to research breaches across several sectors of the economy. For the 12th consecutive year, healthcare breaches had the highest price tag. According to the IBM Cost of a Data Breach Report 2022, the average cost of a healthcare data breach has skyrocketed to $10.1 million. This is an increase of 9.4% from 2021 and an astronomical increase of 41.6% [...]

2022-07-29T15:12:45-04:00July 29th, 2022|

Eye Care Leaders Breach: Ransomware Attack Claims New Victims

In early December of 2021, Eye Care Leaders (Eye Care), an electronic medical record vendor supplying business associate services to eye care providers across the country, discovered it had incurred a data breach. The breach quickly disabled systems.  The intruder accessed compromised information, including name, address, phone numbers, health insurance information, and medical information related to eye care services - protected health [...]

2022-06-29T15:29:27-04:00June 29th, 2022|

UKG Ransomware Attack Hits Healthcare Businesses Worldwide

Healthcare providers including NYU Langone University Hospital Long Island in New York and others around the world are reeling today in the wake of a reported ransomware attack on human resources services giant UKG. The breach affects services on the Kronos Private Cloud including UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. It is unknown if electronic protected health information [...]

2022-05-06T17:03:46-04:00December 13th, 2021|

10 Largest 2021 Healthcare Breaches (so far)

It has been a tough year for cybersecurity professionals as hacking groups and ransomware criminals have exposed the records of more than 40 million Americans during an onslaught of 2021 healthcare breaches. As a result, some healthcare data networks were out of service for weeks at a time, potentially compromising quality of care for patients across the country. As recently as September, [...]

2022-05-06T17:03:48-04:00December 7th, 2021|

Cyber Threats in Healthcare and FIN12 Ransomware

Cyber threats in healthcare are constantly evolving and becoming more complex. A recent report released by Mandiant Intelligence uncovered the very real threat FIN12 ransomware poses to the healthcare sector. According to the report, 20% of FIN12 ransomware attacks target the healthcare sector. Healthcare organizations in North America in particular have cause for concern, with 85% of FIN12 ransomware attacks targeting victims in North America. [...]

2022-05-06T17:03:51-04:00November 3rd, 2021|

Healthcare Cyber Attacks on the Rise

Several major health systems have reported an onslaught of phishing, spoofing, and ransomware incidents. While these healthcare cyber attacks use different tactics, they all have the same end goal - to steal sensitive patient information.  Phishing Attack Targets UMass Memorial Health UMass Memorial Health recently informed patients that their protected health information (PHI) was potentially compromised in a healthcare cyber attack stemming [...]

2022-05-06T17:03:52-04:00October 27th, 2021|

New Healthcare Cybersecurity Threats Reported

As hackers become more sophisticated, it is important to keep up to date with new threats. There are two new threats that are concerning in that they are difficult to recognize and detect. One of these threats is a very convincing phishing scam, while the other is a malicious encryption scheme that evades ransomware detection software. Although these are not necessarily healthcare cybersecurity threats, they target businesses across [...]

2022-05-06T14:38:09-04:00September 3rd, 2021|

How to Prevent Phishing Attacks in Healthcare

Malware and ransomware attacks have become more prevalent in recent times across all industries and market sectors. Large-scale attacks such as the ones perpetrated on Colonial Pipeline and JBS Foods were widely covered by the media. But these are not the only examples of successfully conducted attacks on businesses of all types and sizes. The healthcare industry presents attractive targets for hackers [...]

2022-05-06T14:43:58-04:00August 20th, 2021|