The 2020 Verizon Data Breach Investigations Report shows malware attacks are falling as threat actors target data in the cloud. This is the 13th year that the report has been produced, which this year contains an analysis of 32,002 security incidents and 3,950 confirmed data breaches from 81 global contributors in 81 countries. The report… Read More »
A patient who sued Parkview Health System Inc. after a medical assistant accessed her medical records and shared sensitive information with another individual has had her respondeat superior claim reinstated by the Indiana Court of Appeals. Haley SoderVick sued Parkview Health System after she was notified that a medical assistant had accessed her medical records… Read More »
There were 37 healthcare data breaches of 500 or more records reported in April 2020, up one from the 36 breaches reported in March. As the graph below shows, the number of breaches reported each month has been fairly consistent and has remained well below the 12-month average of 41.9 data breaches per month. While… Read More »
Onamia, Mn-based Mille Lacs Health System has experienced a phishing attack that potentially resulted in the exposure of more than 10,000 patients’ protected health information. Phishing emails were sent to some of its employees containing links that directed them to a website that requested their email credentials. A small number of employees were fooled by… Read More »
Lurie Children’s Hospital of Chicago is facing legal action over two privacy breaches involving employees accessing the medical records of patients without consent. The lawsuit was filed on behalf of a mother and her 4-year-old child. On December 24, 2019, Lurie Children’s Hospital notified the mother that her daughter’s medical records had been accessed by… Read More »
Joint guidance has been issued by the Healthcare and Public Health Sector Coordinating Council (HSCC) and the Health Information Sharing and Analysis Center (H-ISAC) on managing the cybersecurity tactical response in emergency situations, such as a pandemic. Threat actors will try to exploit emergency situations to conduct attacks, which has been clearly seen during the… Read More »
Two privacy bills have been introduced relating to COVID-19 contact tracing apps that are now being considered by Congress. The competing bills, introduced by Republican and Democratic lawmakers, share some common ground and look to achieve similar aims. The first bill, the COVID-19 Consumer Data Protection Act, was introduced by Republican senators Roger Wicker (R-Miss),… Read More »
Organizations that experience a ransomware attack may be tempted to pay the ransom to reduce downtime and save on recovery costs, but a survey commissioned by Sophos suggests organizations that pay the ransom actually end up spending much more than those that recover files from backups. The FBI does not recommend paying a ransom as… Read More »
Management and Network Services (MNS), LLC, a Dublin, OH-based provider of administrative support services to post-acute healthcare providers, has discovered the email accounts of some of its employees have been compromised. In a May 4, 2020 breach notification letter, MNS explained that it learned on or around August 21, 2019 that several employee email accounts… Read More »
Are you concerned about your remote employees accessing malicious websites, being fooled by phishing scams, or downloading malware? On Thursday May 21, 2020, the Ireland-based cybersecurity company TitanHQ is hosting a webinar to explain how you can better protect your remote workers and significantly improve your defenses against phishing and malware attacks. Most cyberattacks that… Read More »