Two years after a massive breach that exposed the personal information of some 21.5 million individuals, the U.S. Office of Personnel Management continues to labor in its attempt to guarantee the security of its information systems.
The recent WannaCry ransomware campaign has led to more healthcare organizations paying closer attention to cybersecurity and the latest threats, says Lee Kim of the Healthcare Information and Management Systems Society.
Personal details of over 100 million customers of Reliance Jio were apparently leaked and offered for sale on the dark web, according to news reports. The company says the data appears to be inauthentic and claims it has not been breached. But some customers contend they've verified the data's authenticity.
Trump Hotels is warning customers that payment card data at 14 of its properties was compromised during a seven-month breach that affected service-provider Sabre. Other affected chains include Hard Rock Hotel & Casino and Loews Hotels.
Although the Office of the National Coordinator for Health IT is phasing out its chief privacy officer position, a focus on data security and privacy will continue to be interwoven into all the work the office does, including electronic health record interoperability efforts, the head of the office pledges.
Russian-born Alexander Tverdokhlebov has been sentenced to serve nine years in U.S. prison after pleading guilty to causing damages of between $9.5 million and $25 million by running botnets, using malware to steal payment card data, selling "dumps" of that data as well as hiring money mules.
Regulators will not penalize healthcare providers that attested to meeting HITECH Act "meaningful use" incentive payment requirements using electronic health records from eClinicalWorks, a vendor that recently settled a false claims case with federal prosecutors.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
President Donald Trump backtracked on a pledge that the United States and Russia would work together to improve global cybersecurity by forming a joint working group after his proposal was criticized by both Republican and Democratic lawmakers.
Although it's important to work with law enforcement after a data breach, organizations need to be careful about what information they share, says attorney Ruth Promislow, partner at Bennett Jones LLP.
As healthcare organizations build patient portals, they must address user authentication and a variety of other security issues, much like those involved in online banking, says Erik Devine, chief security officer at Riverside Healthcare in Illinois.
Analytics can play a critical role in cracking down on identity fraud, says Shaked Vax, Trusteer products strategist at IBM Security, who explains how to use the latest tools to identify network intruders.