A Florida public hospital system has kicked off the New Year of breaches by reporting to regulators a hacking incident detected in October that involved data exfiltration affecting the personal information of more than 1.3 million patients and employees.
In a series of crypto giveaway scams, cybercriminals targeted the official Twitter accounts of the Indian Medical Association, the Indian Council of World Affairs and Mann Deshi bank. The incidents highlight why social media accounts need better access management strategies.
Buckle up. The healthcare industry and consumers are heading into the New Year with indications of significant changes to the regulation and enforcement of health information privacy and security by the Department of Health and Human Services. What's in store?
The U.S. e-commerce website, PulseTV, recently disclosed a data security breach involving over 200,000 customer credit card details. It is believed that only customers who purchased products on the website with a credit card between Nov. 1, 2019 and Aug. 31, 2021 may have been affected.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.
ONUS, one of Vietnam's largest cryptocurrency platforms, has reportedly fallen victim to a ransomware attack that has been traced to Apache's remote code execution vulnerability, Log4j, via third-party payment software. CrowdStrike has also detected Chinese APT activity around the logging flaw.
In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
U.S. President Joe Biden on Monday signed into law the National Defense Authorization Act for fiscal year 2022, which contains $768 billion in defense spending - 5% more than 2021 - and several cybersecurity provisions, including expansion of the Cybersecurity and Infrastructure Security Agency.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
Two healthcare sector entities are in the process of notifying a total of nearly 750,000 individuals of recent hacks compromising patients' protected health information. Separately, regulators have issued HIPAA guidance pertaining to PHI disclosures involving "extreme risk" and firearms.
A federal grand jury has handed down a superseding indictment expanding the charges filed against Joe Sullivan, the former CSO of Uber, for his allegedly covering up a 2016 data breach at the ride-sharing service from authorities and paying "hush money" to two hackers. Sullivan denies the charges.
Federal authorities have issued an advisory warning about remotely exploitable security vulnerabilities in certain Fresenius Kabi infusion pump systems that could allow an attacker to gain access to sensitive information, modify settings, or perform arbitrary actions as an authenticated user.
A flaw in a Bluetooth-enabled at-home COVID-19 test, which has since been fixed, would have allowed individuals to change test results from positive to negative, and vice versa, says a report by the security researcher who discovered the problem. Are other medical IoT products at similar risk?
A Kentucky-based medical specialty practice is notifying nearly 107,000 individuals that their information was potentially compromised in a recent email hack. Meanwhile, a Missouri medical center is still dealing with a phone and IT systems outage that started last week.