The U.S. Centers for Medicare and Medicaid Services has updated the scope of the MOVEit hacking breach last year, telling a sister agency that the software supply chain attack affected more than 3.1 million individuals - about three times the number of victims disclosed publicly earlier this month.
Genetics testing firm 23andMe will offer cash payments to millions of individuals whose sensitive data was compromised in a 2023 credential stuffing incident. Under the proposed $30 million lawsuit settlement, affected customers will also be offered dark web monitoring of their genetic data.
A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to pay $65 million under a proposed settlement of a lawsuit affecting 134,000 patients and employees.
It's yet to be determined whether a handful of states or the federal government will lead the charge in adopting comprehensive regulations involving the use of artificial intelligence in healthcare, said regulatory attorney Betsy Hodge, a partner in law firm Akerman.
As cloud computing, DevOps and automation continue to evolve, the lines between IT functions are fading, making security integral to these processes. Hiren Dave, CIO and CISO at Essen Health Care, shares how combining the roles of CIO and CISO improves risk management and communication.
As threat actors continue to evolve their attacks to circumvent security measures, cyber insurers are raising the bar for prospective healthcare security clients. Underwriters are increasing their scrutiny and adding new coverage requirements, said Chris Henderson of cybersecurity company Huntress.
Recent mega data breaches involving third-party vendors - such as the Change Healthcare cyberattack - are intensifying the spotlight on critical security risk management and governance issues for business associates and other suppliers, said regulatory attorney Rachel Rose.
Technology and security leaders convened at CIO.inc's Cloud and AI Innovation Summit to discuss cloud-driven innovation and AI adoption strategies. The event explored the advantages and risks of cloud and AI adoption and how organizations are using platforms to fuel growth.
While cyberthreats facing healthcare continue to evolve, security leaders must juggle a variety of cyber and related tech challenges, said Shawn Parker and Quincy Raybon, IT leaders at two medical care providers, and Ram Vaidyanathan of ManageEngine.
The healthcare sector is plagued by increasingly complex cyberthreats, and simply meeting compliance standards is not doing enough to protect sensitive healthcare data, according to Christopher Frenz, assistant vice president of IT security at Mount Sinai South Nassau.
John F. Banghart has spent 30 years in cybersecurity, and he appreciates the importance of creative thinking, upskilling and collaboration. Looking back on the Heartbleed vulnerability, Banghart said the incident demonstrates the need to address software supply chain risks causing problems today.
Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
Rural and small hospitals and other healthcare providers often complain that a lack of resources is a major factor stunting their cybersecurity maturity. But even when offered free or discounted cyber assistance, many of these organizations aren't signing up.
George Chacko, executive director of information security and compliance at New York Blood Center, shares his journey in cybersecurity, the challenges for nonprofit organizations with limited budgets and resources, and collaborative initiatives to improve security programs.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.