Naomi Diaz reports: The American Hospital Association said HHS’ plan to levy financial penalties in the event of a cyberattack on a healthcare organization would be counterproductive. In a Dec. 6 statement, the AHA said it is advocating for the HHS to review its proposal that requires healthcare organizations to be compliant with new cybersecurity requirements and…
Search Results for: HCA
Millions of patient scans and health records spilling online thanks to decades-old protocol bug
Carly Page reports: Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Kevin Beaumont writes: How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler…
NZ: Health Worker Arrested for Misusing Vaccination Data: A Case of Breach of Trust
Somasetty Suresh reports: A health worker has been apprehended by the authorities for an alleged misuse and disclosure of vaccination data. The individual, whose identity has not been revealed, has been charged with accessing a computer system for dishonest purposes. The incident came to light recently, prompting swift action from the concerned authorities. The accused…
U.K.: Hospitals urged to improve data protection standards following incident at NHS Fife
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has issued a reprimand to NHS Fife, after an unauthorised person was able to enter a ward and access the personal information of 14 patients. In February 2023, an unauthorised person gained access to a ward. Due to a lack of identification checks and formal processes,…
Hospitals in multiple states diverting patients after Ardent Health Services hit with ransomware attack
It was predictable that threat actors would attack during Thanksgiving week when many people take off for the holiday and long weekend. Ardent Health Services was hit with a ransomware attack — and badly enough that hospitals wound up diverting emergency patients. Below the break, you can find the text of Ardent’s notice and FAQ….