Change Healthcare - a unit of Optum that provides IT services and applications to hundreds of U.S. pharmacies, payers and healthcare providers - is dealing with a cyber incident that has forced the company to take its applications offline enterprisewide. The company said is triaging the situation.
Software giant ConnectWise urged customers to promptly update critical vulnerabilities that could allow the execution of remote code or directly affect confidential data or critical systems. The two vulnerabilities stem from an authentication bypass weakness and path traversal flaw.
An Arizona firm that provides administrative services to a dozen ophthalmology practices in several states is notifying nearly 2.4 million patients of a data theft incident. The hack is among the latest recent major data breaches involving vendors of critical services to healthcare firms.
Australian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.
Bank of America is notifying more than 57,000 customers that their information, including Social Security numbers, was potentially compromised in a hacking incident last November at Atlanta, Georgia-based insurance software firm InfoSys McCamish. BoA says none of its systems were affected.
Remote desktop application provider AnyDesk acknowledged that hackers recently had gained unauthorized access to the company's production systems in a cyberattack. The firm said it has revoked all security-related certificates as a precaution and is rolling out a new code-signing certificate.
Thanks to the massive Anthem hack, for nearly a decade 2015 has been the record year for U.S. health data breaches - with 112.5 million people affected. But 2023 shattered that record, big-time. Will 2024 be another banner year for health data compromises?
While ransomware groups rightly have a reputation for being morally and ethically bankrupt, many do play things straight with their victims. But RansomedVC is a notable exception. In some ways, it is "more dangerous" because of its expert ability to lie, according to researcher Jon DiMaggio.
A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.
Supply chain attacks and zero-day exploits surged in 2023, helping to set yet another record for data breaches tracked by the Identity Theft Resource Center. James E. Lee, COO of the group, explained why the number of compromises grew so dramatically - from 1,801 incidents in 2022 to 3,205 in 2023.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Fallout is mounting, and new developments are emerging in several high-profile health data hacks. Data breaches reported in recent weeks and months at a medical transcription vendor, a hospital chain and a law firm are affecting a growing list of clients and individuals - and triggering lawsuits.
This week, hackers took over Mandiant's X account, authorities charged a Nigerian hacker with stealing $7.5 million from charities, the DOJ fined XCast $10 million for illegal robocalls, and attackers exploited an SMTP smuggling flaw in a phishing email campaign.
A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.
The count of known U.S. organizations that fell victim to ransomware last year - whether or not they paid a ransom - surged from 220 to 321, and hospital systems, K-12 school districts and post-secondary schools were especially affected, researchers report.