The Healthcare and Public Health Sector Coordinating Council (HSCC) has urged President Biden to provide further funding and support to improve the cybersecurity posture of the healthcare sector to improve resilience to cyberattacks. In a recent letter addressed to President Biden and copied to Senate and House party leaders, the HSCC called for more funds… Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about 6 vulnerabilities in the ZOLL Defibrillator Dashboard, including one critical 9.9 severity remote code execution flaw. The vulnerabilities were reported to CISA anonymously and affect all versions of the ZOLL Defibrillator Dashboard prior to version 2.2. Some of the flaws can… Read More »
Ohio-based Five Rivers Health Centers has notified 155,748 patients that some of their protected health information was stored in email accounts that have been accessed by an unauthorized individual following a phishing attack. It is unclear when the breach was discovered, but Five Rivers Health Centers reports that following an extensive forensic investigation into the… Read More »
The Texas Legislature has followed in the footsteps of California and Maine and has passed a bill that requires the Texas Attorney General to publish notices of breaches of personal data that affect state residents on the state Attorney General’s public-facing website. House Bill 3746, which was unanimously passed, amends the Texas Business and Commerce… Read More »
The Louisville, KY-based health insurance and healthcare provider Humana and its business associate Cotiviti are facing legal action over a data breach discovered in late December 2020. On May 26, 2021, a lawsuit was filed in the U.S. District Court for the Western District of Kentucky over the mishandling of Humana insurance plan members’ medical… Read More »
In September 2020, Nebraska Medicine and the University of Nebraska Medical Center discovered their systems had been hacked and malware had been downloaded to its network that gave hackers access to the protected health information of up to 219,000 individuals. The attack forced Nebraska Medicine to shut down its systems causing disruption to operations. Hackers… Read More »
A critical remote code execution vulnerability in VMware vCenter Server and VMware Cloud Foundation is being actively exploited by cyber actors to take full control of unpatched systems. The flaw, tracked as CVE-2021-21985, was announced by VMWare in late May and a patch was released to correct the flaw on May 25, 2021. The Cybersecurity… Read More »
Lafourche Medical Group, a Louisiana-based urgent care center operator, has notified 34,862 patients about a security breach that potentially involved some of their protected health information. On March 30, 2021, Lafourche Medical Group learned that an external accountant had responded to a phishing email that spoofed one of the owners of Lafourche Medical Group and… Read More »
Social media platforms such as Facebook, Twitter, Snapchat, and Instagram make it easy for healthcare organizations to advertise their services and win new business. Healthcare providers can use social media sites to communicate with patients, provide updates on their services, and engage patients and get them to take a more active role in their healthcare.… Read More »
The National Institute of Standards and Technology (NIST) has published a new report on the use of biometric authentication on mobile devices to allow first responders to gain rapid access to sensitive data, while ensuring that information can only be accessed by authorized individuals. Many public safety organizations (PSOs) are now using mobile devices to… Read More »