Allaire Healthcare Group and Platinum Hospitalists have recently announced that an unauthorized individual has gained access to an employee email account and potentially viewed or copied patient data. PHI Potentially Compromised in Email Account Breach at Allaire Healthcare Group Freehold, NJ-based Allaire Healthcare Group, which runs five residential healthcare facilities in the tri-state area that… Read More »

Another zero-day vulnerability has been identified that affects the same Windows tool as Follina. While the vulnerability is not known to have been exploited in the wild, the bug is exploitable and the recent interest and widespread exploitation of the Follina vulnerability make exploitation of this flaw more likely. The vulnerability affects the Microsoft Diagnostic… Read More »

The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has issued a warning to the healthcare sector about the threat from Emotet malware. Emotet was first detected in 2014 and was initially a banking Trojan; however, the malware has been updated over the years and has had new features added. In addition to serving as a banking… Read More »

ScribeMedics LLC, a provider of real-time, remote, EHR charting, medical transcription, virtual back office, and medical record review services, has demonstrated to Compliancy Group that the company and its services are fully compliant with the regulatory standards outlined in the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA Breach Notification Rule, HIPAA Omnibus Rule, and the… Read More »

The protected health information of up to 2 million individuals has potentially been compromised in a Shields Health Care Group cyberattack. Massachusetts-based Shields Health Care Group provides ambulatory surgical center management and medical imaging services throughout New England. On March 28, 2022, suspicious activity was detected within its network. Immediate action was taken to secure its… Read More »

Ransomware attacks on healthcare organizations increased by 94% year over year, according to the 2022 State of Ransomware Report from cybersecurity firm Sophos. The report is based on a global survey of 5,600 IT professionals and included interviews with 381 healthcare IT professionals from 31 countries.  This year’s report focused on the rapidly evolving relationship between… Read More »

Atlassian has released a patch to fix a critical zero-day vulnerability that affects all supported versions of Confluence Server and Data Center. The vulnerability – tracked as CVE-2022-26134 – has a maximum CVSS severity score of 10 out of 10 and can be exploited remotely by unauthenticated attackers to achieve code execution. According to security… Read More »

Five vulnerabilities that require immediate patching have been identified in the Illumina Local Run Manager (LRM), which is used by Illumina In Vitro Diagnostic (IVD) devices and Illumina Researcher Use Only (ROU) instruments. The affected devices are used for clinical diagnostic DNA sequencing and testing for various genetic conditions, and for research use. Four of… Read More »

In 2021, Iranian state-sponsored hackers attempted a destructive cyberattack on Boston Children’s Hospital, which the Federal Bureau of Investigation (FBI) was able to successfully block before the hospital’s computer network was damaged. FBI Director Christopher Wray said the attempted cyberattack was “one of the most despicable cyberattacks I have ever seen.” Speaking at Boston College… Read More »

Alameda Health System in California, Capsule pharmacy in New York, and Aon PLC in Illinois have recently reported data breaches affecting a total of 56,290 individuals. Alameda Health System Notifying 90,000 Patients About PHI Breach Oakland, CA-based Alameda Health System has recently reported a data breach to the Department of Health and Human Services’ Office… Read More »