Report: Data breaches continue to pose problems for healthcare systems
Editor's Note A new report from cybersecurity provider Critical Insight notes that data breaches are continuing to pose major problems for healthcare systems, an August 2023 Business Wire press release reports. Already more than 40 million patients' medical information was reportedly involved in data breaches in 2023. Following are key…
US and UK sanction Russian cybercrime group targeting hospitals, providers
Editor's Note The United States, in coordination with the United Kingdom, has imposed sanctions on 11 individuals linked to the Russia-based cybercrime group known as Trickbot, a US Department of the Treasury September 7 press release reports. These sanctions were issued by the US Department of the Treasury's Office of…
HHS: ARPA-H project to strengthen healthcare cybersecurity
Editor's Note The US Department of Health and Human Services (HHS) Advanced Research Projects Agency for Health (ARPA-H) announced that it is seeking proposals through September 7 to help fund and develop cybersecurity technologies for healthcare systems, clinics, and healthcare-related devices, the August 17 WIRED reports. The Digital Health Security…
The Joint Commission issues Sentinel Event Alert on patient safety after a cyberattack
Editor's Note The Joint Commission, on August 15, issued “Sentinel Event Alert 67: Preserving patient safety after a cyberattack.” The Alert focuses on risks associated with cyberattacks and provides recommendations on how healthcare organizations can deliver safe patient care if a cyberattack occurs. Actions suggested by The Joint Commission include:…
Cybersecurity alert: New ransomware threat to healthcare, recent attacks
Editor's Note On August 4, the Department of Health and Human Services Health Sector Cybersecurity Coordination Center released a security alert warning hospitals of a new ransomware group called Rhysida that has been active since May 2023 and is recently targeting healthcare by breaching networks and demanding a ransom. According…
Hospitals look to cybersecurity insurance as cyberattacks rise
Takeaways • Patient data & safety are at risk: 94% of hospitals have experienced at least one cyberattack. • Less than half of hospitals in the US carry cybersecurity insurance. • Security is a two-part strategy: cybersecurity insurance as well as preventative measures (eg, encrypted backups, patches, and training). When…
CISA: New 'high-risk' cyber vulnerability for Medtronic cardiac device management system
Editor's Note On June 29, the Cybersecurity & Infrastructure Security Agency (CISA) issued a medical advisory alert "warning of a significant, high-risk vulnerability in Medtronic’s Paceart Optima System, which is used to compile and manage patients’ cardiac device data," the American Hospital Association (AHA) July 6 reports. According to CISA,…
HHS: New ransomware threat alert for healthcare
Editor's Note On Friday, June 16, the Department of Health and Human Services (HHS) alerted the healthcare sector of a recent ransomware attack on a US cancer center that “reduced cancer treatment capability, rendered digital services unavailable, and threatened exposure of patient personal health information,” the American Hospital Association (AHA)…
Heightened focus on cybersecurity amid ransomware attacks, data breaches
Editor's Note Cybersecurity remains a top concern and potential hazard for patient data. In February, Lehigh Valley Health Network in Allentown, Pennsylvania, was attacked by a ransomware gang BlackCat, which has ties to Russia, Becker’s Health IT reports. The health system has since notified 627 individuals and will continue to…
HHS issues alert on cyber attacks against Veeam software
Editor's Note The Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Centers on May 10 issued an alert saying that cyber attacks against Veeam Backup & Replication software are on the rise, the American Hospital Association reports. What makes the threat significant is that this software is…