Ryan Hill reports: Hospitals and health systems are finding themselves in the crosshairs of cybercriminals more frequently. According to third party cybersecurity company Black Kite’s 2021 Third Party Breach report, attacks on healthcare companies accounted for nearly a third of attacks in 2021. Blessing Health information security chief Todd Haverstock said he has seen the number…
Search Results for: HCA
Ca: St. Joe’s fires employee who snooped into medical records of 49 patients ‘out of curiosity’
Sebastian Bron reports: St. Joseph’s Healthcare Hamilton has fired an employee who inappropriately snooped into the medical records of four dozen patients. The massive privacy breaches spanned more than a year and saw 49 patients’ personal health information — think names, medical record numbers, ethnicities, family doctors, birthdays, phone numbers and addresses — exposed to a…
Health insurance: Data of more than 500,000 people stolen in France
Hannah Thompson reports: The health data of more than half a million people in France have been stolen from insurance body l’Assurance maladie after the accounts of healthcare staff were hacked. The 19 accounts, mainly belonging to pharmacists, were hacked after their email addresses were compromised. Data stolen include the names, surnames, date of birth,…
Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security
Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the information of military personnel, diplomats and contractors. The settlement is the first under the Department of Justice’s Civil Cyber-Fraud Initiative,…
HHS Cybersecurity Update: Conti Ransomware Update
TLP: White Report: 202203101700 March 10, 2022 Conti Ransomware (Update) Executive Summary Conti is a ransomware group that has aggressively targeted healthcare organizations since it was first observed in 2019. Conti ransomware attacks have targeted the healthcare industry, major corporations, and government agencies, particularly those in North America. In typical Conti ransomware attacks, the…
U.S. Congress Passes Cyber Incident and Ransom Payment Reporting Requirement
Energy, financial services, food and agriculture, healthcare, information technology, defense industrial base, and other critical infrastructure entities in the United States will face new cyber incident reporting requirements as a result of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the Act), enacted by the U.S. Congress on March 10, 2022. Read more…