NY AG SHIELD UP! Vision Benefits Provider Settles Email Data Breach

In January of 2022, EyeMed Vision Care LLC, a New York vision benefits provider, settled an action brought by the New York State Attorney General against it for failing to implement adequate data security measures, including multifactor authentication, password management, and logging of email accounts.  These deficiencies resulted in a 2020 email data breach during which hackers accessed an EyeCare email account [...]

2023-04-06T13:59:54-04:00January 26th, 2022|

10 Largest 2021 Healthcare Breaches (so far)

It has been a tough year for cybersecurity professionals as hacking groups and ransomware criminals have exposed the records of more than 40 million Americans during an onslaught of 2021 healthcare breaches. As a result, some healthcare data networks were out of service for weeks at a time, potentially compromising quality of care for patients across the country. As recently as September, [...]

2023-04-06T14:00:40-04:00December 7th, 2021|

Healthcare Cyber Attacks on the Rise

Several major health systems have reported an onslaught of phishing, spoofing, and ransomware incidents. While these healthcare cyber attacks use different tactics, they all have the same end goal - to steal sensitive patient information.  Phishing Attack Targets UMass Memorial Health UMass Memorial Health recently informed patients that their protected health information (PHI) was potentially compromised in a healthcare cyber attack stemming [...]

2023-04-06T14:00:47-04:00October 27th, 2021|

Using the SLAM Method to Prevent HIPAA Phishing Attacks

Cybersecurity is at the top of mind for many businesses, especially during October’s Cybersecurity Awareness Month. The main cause for concern for healthcare organizations in particular is how to recognize phishing emails to prevent breaches. There is a simple method that healthcare organizations can use to aid in the identification of phishing emails, the SLAM method.  What Does the SLAM Acronym Stand [...]

2023-05-23T11:00:12-04:00October 22nd, 2021|

Health Data Breach Lawsuit Filed Under CCPA

In July 2021, UC San Diego Health notified the public that it had been the victim of a four-month long phishing attack that gave hackers access to the protected health information of 495,949 patients. As a result, a health data breach lawsuit was filed alleging a violation of California Consumer Privacy Act, negligence, and breach of contract. The lawsuit seeks class-action status. [...]

2023-04-06T14:00:52-04:00September 30th, 2021|

5.1 Million Patients Affected August 2021 Healthcare Breaches

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients to their online breach portal, known as the “HIPAA Wall of Shame.” In August 2021, there were 38 breaches posted on the portal, affecting 5,120,289 patients. August 2021 healthcare breaches predominantly consisted of hacking incidents affecting healthcare providers, with 4,656,453 patients affected by hacking incidents [...]

2023-04-06T14:00:55-04:00September 14th, 2021|

New Healthcare Cybersecurity Threats Reported

As hackers become more sophisticated, it is important to keep up to date with new threats. There are two new threats that are concerning in that they are difficult to recognize and detect. One of these threats is a very convincing phishing scam, while the other is a malicious encryption scheme that evades ransomware detection software. Although these are not necessarily healthcare cybersecurity threats, they target businesses across [...]

2023-04-06T14:00:57-04:00September 3rd, 2021|

How to Prevent Phishing Attacks in Healthcare

Malware and ransomware attacks have become more prevalent in recent times across all industries and market sectors. Large-scale attacks such as the ones perpetrated on Colonial Pipeline and JBS Foods were widely covered by the media. But these are not the only examples of successfully conducted attacks on businesses of all types and sizes. The healthcare industry presents attractive targets for hackers [...]

2023-04-06T14:00:59-04:00August 20th, 2021|

1 Million Patients Affected by June 2021 Healthcare Breaches

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients on their online breach portal. Each month, we review those breaches to determine what the leading cause behind the previous month’s breaches are. June 2021 healthcare breaches affected 1,039,442 patients, and were predominantly the result of hacking incidents, representing 90.37% of patients affected by June’s breaches. [...]

2023-04-06T14:01:07-04:00July 14th, 2021|

6.5 Million Patients Affected by 2021 May Healthcare Breaches

Every month we release a summary of the previous month’s healthcare breaches, and determine the leading cause behind that month’s breaches. In May 2021, there were 60 breaches reported, affecting 6,521,871 patients. Of these breaches, 46 affected healthcare providers, 10 affected health plans, 7 affected business associates, and one affected a healthcare clearinghouse. More details regarding May healthcare breaches are discussed below. 2021 [...]

2023-04-06T14:01:12-04:00June 15th, 2021|