Salinas Valley Memorial Healthcare System in California has agreed to settle a class action lawsuit for $340,000 to resolve claims from patients affected by a breach of its email environment in 2020. Between April 30, 2020, and June 5, 2020, unauthorized individuals gained access to the email accounts of four employees and a contractor following… Read More »
The Health Sector Cybersecurity Coordination Center (HC3) has published a security advisory warning the healthcare and public health sector about the risks associated with Internet of Things (IoT) devices along with recommendations for improving the security of IoT devices. The Internet of Things (IoT) refers to physical devices that have the capability to exchange data… Read More »
The Health Insurance Portability and Accountability Act (HIPAA) sets national standards to protect sensitive patient health information and to prevent that information from being disclosed without an individual’s knowledge or consent. HIPAA applies to healthcare providers, health plans, and healthcare clearinghouses, which are classed as HIPAA-covered entities. There is a misconception that only HIPAA-covered entities… Read More »
Further information has been released on two cyberattacks on healthcare organizations: Goodman Campbell Brain and Spine and Behavioral Health Group. Goodman Campbell Brain and Spine Notifies 363,000 Patients About Public Release of PHI on Dark Web Carmel, IN-based Goodman Campbell Brain and Spine has started notifying 363,000 current and former patients that some of their… Read More »
The U.S. Cybersecurity and Infrastructure Security Agency has published a list of the top malware strains identified in 2021. Malware is used by threat actors to compromise devices, giving them a backdoor into devices and networks for performing a range of nefarious activities. Malware can also be destructive and be used to sabotage systems, such… Read More »
First Choice Community Healthcare in Albuquerque, NM, has started notifying certain patients that an unauthorized individual gained access to its network and potentially stole patient data. In a substitute breach notification, First Choice explained that unusual activity was detected within its technological environment on March 27, 2022. A third-party cybersecurity firm was engaged to conduct… Read More »
Dental Care Alliance has agreed to settle a class action lawsuit filed in response to a data breach that affected more than 1.7 million individuals. A fund of $3 million has been created to cover claims from individuals affected by the breach. Dental Care Alliance, LLC, is a Sarasota, FL-based dental support organization with more… Read More »
The Oklahoma City home health provider, Healthback Holdings, has started notifying 21,114 individuals that some of their protected health information has potentially been viewed or obtained by unauthorized individuals. Unusual activity was detected within its email environment on June 1, 2022. A third-party cybersecurity firm was engaged to assist with the investigation and confirmed that… Read More »
Cyberattacks on businesses have been increasing year over year across all industry sectors, and there has been an increase in cyberattacks involving third parties. From the point of view of a cyber threat actor, it makes more sense to attack a vendor such as a managed service provider, as if the attack is successful, the… Read More »
Fast Track Urgent Care, a network of urgent healthcare clinics in Florida, has confirmed that 258,411 individuals have had their protected health information exposed and potentially stolen in a ransomware attack on billing and practice management vendor, PracticeMax. PracticeMax said it identified suspicious activity within its network on May 1, 2021, and confirmed that ransomware… Read More »