PHI of Consumers Compromised in Theft Incidents at Cub Pharmacies
A pharmacy chain reported that looters stole the protected health information (PHI) of some of its clients at the end of May at the time…
Lifespan to Pay OCR $1 Million HIPAA Penalty Due to Lack of Encryption and Other HIPAA Violations
The HHS’ Office for Civil Rights has issued to Lifespan ACE, an affiliated covered entity of Lifespan Health System, a $1,040,000 HIPAA fine right after…
Data Breaches at Lorien Health Services, Accu Copy of Greenville and National Cardiovascular Partners
Lorien Health Services based in Ellicott City, MD, which manages 9 assisted living facilities throughout Maryland had encountered a ransomware attack on June 6, 2020….
Serious Vulnerabilities Identified in Apache Guacamole Remote Access Software
A few vulnerabilities were discovered in the Apache Guacamole remote access system. Plenty of companies had been using Apache Guacamole to allow administrators and personnel…
NSA Releases Guidance on Protecting IPsec Virtual Private Networks
The U.S. National Security Agency (NSA) has published guidance to aid businesses in protecting IP Security (IPsec) Virtual Private Networks (VPNs) that are utilized to…
Grays Harbor Community Hospital Agreed to $185,000 Settlement of Ransomware Lawsuit
Grays Harbor Community Hospital and Harbor Medical Group accepted the proposed settlement deal of the class-action lawsuit that the representative plaintiff filed in connection with…
Insufficient Visibility and Poor Access Management are Key Factors to Cloud Data Breaches
A lot more organizations these days are implementing their digital transformations and are utilizing the flexibility, scalability, and cost savings presented by public cloud spaces….
PHI Compromised Due to a Ransomware Attack and an Email Security Breach
Rangely District Hospital in Colorado began informing patients concerning the April 2020 ransomware attack that affected some of their protected health information (PHI) located on…
Voicemail Phishing Trick Discovered Targeting Remote Healthcare Employees
A lot of organizations are compelled to modify working strategies due to the COVID-19 crisis. A big number of workers now do their jobs from…
Healthcare Provider Employees Terminated Because of Impermissible Disclosure of PHI
Healthcare provider Kaiser Permanente based in Oakland, CA found out that an ex-employee got access to the radiology files of a lot of patients with…
Senators Wrote CISA and FBI Concerning the Danger to COVID-19 Research Data
Four Senators sent a letter to the Federal Bureau of Investigation (FBI) and the DHS Cybersecurity and Infrastructure Security Agency (CISA) due to the new…
Lurie Children’s Hospital of Chicago Faces Lawsuit Related to Two Data Breaches
Lurie Children’s Hospital of Chicago is confronted with legal action pertaining to two privacy breaches that involved staff accessing the medical records of patients without…
PHI Exposed Due to Breaches at Florida Internal Medicine Practice, Saint Francis Healthcare Partners and Ascension Eastwood Clinic
Daniel Bendetowicz, MD, PA is informing 3,314 patients about the exposure of their PHI because of a ransomware attack. The attack took place on March…
BJC HealthCare Phishing Attack Affects PHI of Patients at 19 Hospitals
BJC Healthcare made an announcement about the unauthorized persons accessing the email accounts of three BJC employees after replying to the phishing emails in their…
PHI of 41,000 Patients Compromised in Phishing Attacks at UPMC Altoona and Aurora Medical Center
UPMC Altoona found out about an unauthorized access to the email account of one doctor and the person possibly viewed or obtained the protected health…
FBI Gives Flash Advisory Regarding COVID-19 Phishing Attacks Targeting Healthcare Organizations
FBI has released another notice subsequent to a rise in COVID-19 phishing scams aimed towards healthcare organizations. In the notification, the FBI points out that…
Phishing Attacks at the Doctors Community Medical Center and Washington University School of Medicine
Doctors Community Medical Center in Maryland sent notification to some patients concerning a breach of their PHI. The discovery of the data breach in January…
Phishing Attacks on Healthcare Resource Group and Confido Exposed the PHI of Patients
Confido, a pharmacy benefits consulting company began mailing notification letters to 3,600 of its clients’ personnel, users, and their dependents concerning the probable access of…
Vulnerability Found in BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System
Becton, Dickinson and Company (BD) found a medium severity vulnerability in the BD Pyxis MedStation medication dispensing system version 1.6.1 and in the anesthesia carts…
Remote Employees Targeted By Cybercriminals Taking Advantage of the COVID-19 Crisis
The COVID-19 pandemic has made it compulsory for lots of persons to self-isolate. Organizations are under rising pressure to permit their personnel to work from…
Hospitals Enjoy Free Use of TigerConnect Secure Communications Platform During COVID-19 Pandemic
TigerConnect is a company in the U.S.A. offering the most popular secure healthcare communications platform. It announced that it is giving U.S. health systems and…
HIV Test Phishing Campaign Targets Healthcare and Pharmaceutical Companies
Proofpoint researchers have discovered a new phishing campaign directed at healthcare organizations, insurance companies, and pharmaceutical firms. The intercepted emails imitate Vanderbilt University Medical Center…
UW Medicine Faces Class Action Lawsuit Over 974,000-Record Data Breach
The University of Washington Medicine is facing a lawsuit filed in King County Superior Court with regards to a data breach that caused the exposure…
New Report Unveils the Brand Names Most Often Impersonated by Phishers
The new Vade Secure report unveiled the top 25 commonly impersonated brands in phishing attacks. The Phishers’ Favorite report for Q4 of 2019 stated that…
Employee Email Account Breach at PSL Services and Monroe County Hospital & Clinics
Peregrine Corporation, also known as PSL Services, found out about the unauthorized access to the email accounts of several employees from December 16 to December…
Phishing Attack on MHMR of Tarrant County and Reva Impacted 7,524 People
My Health My Resources (MHMR) of Tarrant County in Fort Worth, TX suffered a phishing attack that resulted in the compromise of some employees’ email…
Threat to Publish Stolen Data by Maze Ransomware Group Increasing
The threat actors responsible for the Maze ransomware attacks are threatening their victims that they will post the information stolen during ransomware attacks if they…
65% of American Organizations Had Dealt With a Successful Phishing Attack in 2019
The cybersecurity firm Proofpoint shared its 2020 State of the Phish report, which showed that 65% of American organizations (55% worldwide) experienced at least one…
NIST Issued Its Privacy Framework Version 1.0
The National Institute of Standards and Technology (NIST) issued its Privacy Framework version 1.0 on January 16, 2020. The goal of the Privacy Framework is…
FBI Warning Against Maze Ransomware Attacks
The Federal Bureau of Investigation (FBI) published an alert to warn private companies in the U.S. concerning Maze ransomware attacks. FBI gave the alert after…
Second Lawsuit Filed Against Kalispell Regional Healthcare Over Phishing Attack
Kalispell Regional Healthcare based in Montana is charged with another legal case on account of the May 2019 phishing attack that allowed cybercriminals to access…
Six HIPAA Security Rule Provisions that Help Covered Entities to Prevent Ransomware Attacks
Ransomware attacks are now more advanced. Cybercriminals are creating new approaches and strategies to access systems and deploy ransomware. The most common ways of accessing…
What is Senator Wicker’s U.S. Consumer Data Privacy Act of 2019
Senator Roger Wicker (R-Miss), the Commerce Committee Chair, presented a draft copy of the United States Consumer Data Privacy Act of 2019 (CDAP). CDAP is…
200,000 Critical and Severe Vulnerabilities Being Fixed by Blue Cross Blue Shield of Minnesota
Blue Cross Blue Shield of Minnesota, which is Minnesota’s biggest health insurance company, is presently trying to take care of approximately 200,000 unaddressed vulnerabilities detected…
Data Breaches Reported by Sunrise Community Health, Katherine Shaw Bethea Hospital and NYC Health + Hospitals
Sunrise Community Health located in Evans, CO uncovered the exposure of a number of employees’ email accounts because of the employees’ response to phishing emails….
Phishing Attacks on Comprehensive Sleep Care Center and Ivy Rehab Physical Therapy Potentially Impact PHI
Loudoun Medical Group, also known as Comprehensive Sleep Care Center (CSCC), experienced a phishing attack approximately on June 19, 2019. The IT department was notified…
Great Plains Health Patient Medical Records Encrypted Due to Ransomware Attack
A ransomware attack on Great Plains Health based in North Platte, NE resulted in the encryption of some patients’ health records. Great Plains Health discovered…
Philips IntelliBridge EC40/80 Hubs Were Found to Have a Vulnerability
Philips released information about a vulnerability found in Philips IntelliBridge EC40/80 hubs. An attacker could exploit to access vulnerable hubs and execute a software program,…
HHS to Issue Higher Civil Monetary Penalties for HIPAA Violations in Keeping with Inflation Rates
As per the Inflation Adjustment Act, the U.S Department of Health and Human Services took into account the inflation rate when issuing civil monetary penalties…
URMC Pays $3 Million HIPAA Penalty for Failure to Encrypt Mobile Devices
The University of Rochester Medical Center (URMC) paid OCR $3 million as HIPAA penalty for failing to implement encryption on mobile gadgets and for other…
Phishing Attacks Compromise PHI of 56,000 Presbyterian Health Plan Members
A series of phishing attacks have compromised the protected health information of 56,000 members of Presbyterian Health Plan. The phishing attacks did not directly target…
Former Employee at Little Rock Plastic Surgery Illegally Accessed Patient Information
Little Rock Plastic Surgery (LRPS) is in the process of notifying patients of a data security incident which saw a former employee illegally access the…
Fedcap Rehabilitation Notifying 2,200 Individuals of Data Breach
Fedcap Rehabilitation is in the process of notifying 2,200 individuals of a data security incident which may have seen their confidential information compromised. New York-based…
Limited HIPAA Waiver in Areas Affected by Hurricane Dorian
The Secretary of the Department of Health and Human Services (HHS), has declared a public health emergency in Puerto Rico and the states of Florida,…
IRS Phishing Scam Used to Spread Keylogging Malware
Taxpayers and business have been warned of a new IRS phishing scam being used to spread keylogging malware. The hackers design the emails to appear…
Malware Found in Android PDF App CamScanner
Users of the Android app CamScanner have been advised to uninstall the app after a recent version was found to harbour malware. Security researchers at…
Ransomware Attack at Hospice of San Joaquin, CA
The Hospice of San Joaquin in Stockton, California, is in the process of notifying patients that their protected health information may have been compromised in…
Grays Harbor Community Hospital in Washington Ransomware Attack Affects 88,000 Patients
Grays Harbor Community Hospital in Washington is notifying 88,399 patients that their confidential health information may have been compromised in a ransomware attack. The hospital…
HHS Issues Limited Waiver of HIPAA Sanctions and Penalties in Louisiana
The US Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in Louisiana following Tropical Storm Barry making…
Northwood Notifying Patients of Data Breach Following Phishing Attack
Northwood Inc. is notifying individuals that their private information may have been comprised in a data breach following a phishing attack. Northwood Inc., based in…