CISO

Employees Sue Home Health Provider After Phishing Breach

A class action lawsuit claims that thousands of employees of a home healthcare services firm were harmed by the disclosure of their personal information in a breach earlier this year involving a business email compromise scam. Earlier, regulators fined the company for another breach.

[ Read More ]

Current Security Approaches May Encourage EMR Password Sharing

In theory, you want everyone who accesses a patient’s health data to leave a clear footprint. As a result, it’s standard to assign every clinician using EMR data to be assigned a unique user ID and password. Most healthcare organizations assume that this is a robust way to document who is using the system and

[ Read More ]

IFHS Investigates Cybersecurity Breach Of Clinic’s Computer System

Unalaska’s clinic is investigating a security breach of its computer system. The ransomware attack happened in August, according to James Kaech, executive director of Iliuliuk Family and Health Services. He said the clinic’s access to its computer system was temporarily blocked, but it seems no information was stolen. “Currently, it doesn’t look like there was

[ Read More ]

Healthcare still struggling to detect insider threats, even years after breaches

Nearly 500,000 patient records were reported breached in September, according to the latest Protenus Breach Barometer. September was riddled with another long list of organizations dealing with breaches caused by insiders, and some organizations failed to discover some of these for years, Protenus’ September Breach Barometer found. Insider-wrongdoing impacted nearly three times as many patient

[ Read More ]

Cybersecurity is top concern in IoT deployments

Healthcare and other organizations have too many end-points to worry about, and a lack of internal collaboration isn’t helping, a BlackBerry survey finds. Fayetteville-based Arkansas Oral Facial Surgery Center was recently hit by a ransomware attack that potentially breached the data of 128,000 of its patients. This was just the latest in a long line

[ Read More ]

TheDarkOverLord is extorting another healthcare provider

The notorious hacker is targeting Austin Manual Therapy Associates in its latest extortion attempt, claiming it holds the PHI of patients — including insurance authorization data. Nefarious hacker TheDarkOverLord (TDO) is attempting to extort Austin Manual Therapy Association (AMTA), which has two locations in Austin. TDO alluded to the hack at the beginning of the

[ Read More ]

3 lessons for the FDA following Abbott’s cybersecurity recall

The FDA’s decision to recall 465,000 pacemakers in August due to cybersecurity vulnerabilities offers some important lessons for the regulator and the industry that is likely to face similar medical device recalls in the future. The FDA announced a firmware update for Abbott-manufactured cardiac devices in August after cybersecurity weakness were discovered by the investment

[ Read More ]

Rep. Greg Walden prods Nuance for more information about NotPetya attack

The chairman of the House Committee on Energy and Commerce has asked Nuance to provide more information about the malware attack that shut down the company’s operation for more than a month and left providers searching for a new transcription service. Rep. Greg Walden, R-Ore., who chairs the committee, sent a letter to Nuance CEO

[ Read More ]