Free Google Services Abused in Phishing Campaigns

Several phishing campaigns have been identified that are using free Google services to bypass email security gateways and ensure malicious messages are delivered to inboxes. Phishing emails often include hyperlinks that direct users to websites hosting phishing forms that harvest credentials. Email security gateways use a variety of methods to detect these malicious hyperlinks, including… Read More »

HHS Releases Final Rules with Safe Harbors for Cybersecurity Donations

On Friday last week, the Department of Health and Human Services’ Centers for Medicare and Medicaid Services (CMS) and Office of Inspector General (OIG) published final rules that aim to improve the coordination of care and reduce regulatory barriers. Both final rules contain safe harbor provisions that allow hospitals and healthcare delivery systems to donate… Read More »

Easy Way Delivery Services Confirmed as HIPAA Compliant by Compliancy Group

Compliancy Group has announced Easy Way Delivery Services has demonstrated compliance with the Health Insurance Portability and Accountability Act (HIPAA) Rules and has been awarded the HIPAA Seal of Compliance. Markham, Illinois-based Easy Way Delivery Services provides on-demand and scheduled medical courier delivery service throughout the Chicagoland area, Illinois, and the Midwest. The collection and… Read More »

Phishing Incidents Reported by Connecticut Department of Social Services, Mercy Iowa City and LSU Care Services

Connecticut Department of Social Services (DSS) has reported a potential breach of the protected health information of 37,000 individuals as a result of a series of phishing attacks that occurred between July and December 2019. Several email accounts were compromised and were used to send spam emails to several DSS employees, the investigation of which… Read More »

Daisee Confirmed as HIPAA Compliant by Compliancy Group

The speech and sentiment analytics software firm Daisee has been confirmed as having implemented an effective HIPAA compliance program by Compliancy Group. Daisee, an acronym of Deep Artificial Intelligence for Enterprise Ecosystem, was founded in 2017 and operates globally, including in the United States, Australia, and New Zealand. The company is a world leader in… Read More »

Three More Healthcare Providers Suffer Cyberattacks Involving Ransom Demands

Three healthcare providers in New York, Florida, and Georgia have started notifying patients that some of their protected health information was potentially compromised in recent cyberattacks, two of which involved ransomware and one involving an unspecified computer virus. Four Winds Hospital, NY Four Winds Hospital in Katonah, NY, discovered files had been encrypted by ransomware… Read More »

October 2020 Healthcare Data Breach Report

October saw well above average numbers of data breaches reported the HHS’ Office for Civil Rights. There were 63 reported breaches of 500 or more records, which is a 33.68% reduction from September but still 41.82% more breaches than the monthly average over the last 12 months. The elevated numbers of breaches can be partly… Read More »

Microsoft Warns of Ongoing Sophisticated Phishing Campaign Targeting Office 365 Users

Office 365 users have been warned about an ongoing phishing campaign which harvests user credentials. The campaign uses sophisticated techniques to bypass email security gateways and social engineering tactics to fool company employees into visiting websites where credentials are harvested. A variety of lures are used in the phishing emails which target remote workers, such… Read More »