Editor's Note Cyberattacks in August 2024 are the latest examples of a specific Iranian group intensifying efforts against US organizations since 2017, Healthcare IT News reported September 3. Citing an advisory issued by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense…

Read More

Editor's Note Responding to and recovering from data breaches in healthcare is more expensive than any other industry, according to a report by IBM and the Ponemon Institute. Healthcare Dive reported on the results August 1. According to that article, the $9.8 million average cost for a breach this year…

Read More

Editor's Note Hospitals and health systems have largely returned to normal operations in the wake of a global IT outage caused by a faulty update from cybersecurity company CrowdStrike, according to a July 29 article in Becker’s Health IT. The outage, which began July 18, resulted in many health systems'…

Read More

Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…

Read More

Editor's Note Introduced by a bipartisan group of Senators, the Healthcare Cybersecurity Act aims to bolster the cyber-defenses of healthcare entities through the collaboration of the U.S. Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA). According to a July 16 report in HealthExec,…

Read More

Editor's Note Healthcare industry groups are calling for the federal government to streamline and ease the recently proposed cybersecurity incident reporting rule by the Cybersecurity and Infrastructure Security Agency (CISA), Fierce Healthcare reported July 8. According to the report, CISA's proposal imposes enhanced reporting requirements for critical infrastructure entities, including…

Read More

Editor's Note On June 27, The Justice Department announced the 2024 National Health Care Fraud Enforcement Action, leading to criminal charges against 193 defendants, including 76 medical professionals across 32 federal districts in the U.S. for their involvement in various health care fraud schemes. These schemes accounted for approximately $2.75…

Read More

Editor's Note Although SecurityScorecard gave the US healthcare a “better than expected” B+ rating for cybersecurity in 2024, the supply chain cybersecurity firm also highlighted significant risks in application and endpoint security, HealthcareIT News reported June 25.   Overall, 35% of third-party data breaches in 2023 affected healthcare organizations, the…

Read More

Editor's Note A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA). The attackers target employee email accounts to access login information…

Read More

Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…

Read More