Samantha Liss reports: As CommonSpirit Health, formed by the merger of Dignity Health and Catholic Health Initiatives in 2019, continues to deal with the fallout from a ransomware attack three weeks ago, security experts say such tie-ups and acquistions make healthcare systems more vulnerable to security breaches. M&A in healthcare “creates a huge risk” and a…
Category: Commentaries and Analyses
Microsoft links Raspberry Robin worm to Clop ransomware attacks
Sergiu Gatlan reports: Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. DEV-0950 malicious activity overlaps with financially motivated cybercrime groups tracked as FIN11 and TA505, known for deploying Clop payloads ransomware on targets’ systems. Read more at BleepingComputer
As Cybersecurity Awareness Month draws to a close, phishing incidents still pose a challenge
Despite attempts to educate employees and consumers how not to fall for phishing attacks, they continue to pose a significant risk to businesses and individuals. Here are just three current news items from different sectors that all show the impact of phishing. Kristen Jordan Shamus reports: The personal information of about 33,850 Michigan Medicine patients…
California Appellate Court In Ruling of First Impression Affirms Denial of Class Certification in Data Breach Involving Confidential Medical Information
Kristin L. Bryan of Squire Patton Boggs writes about a lawsuit stemming from an insider wrongdoing situation first reported in 2018: Last month a California appellate court affirmed (for the first time among any state appellate courts to consider the issue) the lower court’s denial of class certification for claims brought under the Confidentiality of…
HIPAA Security Rule Security Incident Procedures
HHS OCR’s October newsletter begins: Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of confidential data. Within the health care industry, the HIPAA Security Rule1 applies to covered entities2 and their business associates3 (“regulated entities”)…
Paying off hackers is common, says top Australian govt cybersecurity firm
Byron Kaye reports: Corporate insurers routinely pay hackers a ransom for the return of stolen customer data, a top Australian government cybersecurity provider said on Tuesday (Oct 25), as the country’s biggest health insurer revealed the growing scale of a recent breach. The claim from Macquarie Telecom Group, which runs cybersecurity for 42 per cent…