Security News

French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on LinkedIn warning of the data breach.

To manage an environment of increasing risks and limited resources, healthcare internal audit and compliance departments must align their risk assessments and audit work plans to areas most vital to achieving the strategic goals and business objectives of their organizations, according to Kodiak. To unlock these benefits, healthcare provider organizations need to mitigate a host of risks, such as storing and securing enormous amounts of data that is mostly protected health information, protecting the training data for AI models from malicious actors seeking to introduce bad data, and rooting out bias that can creep into in AI algorithms because of a lack of data for gender, sexual orientation, race and ethnicity.

HealthEC LLC, a provider of health management solutions, suffered a data breach that impacts close to 4.5 million individuals who received care through one of the company's customers. On December 22, the firm disclosed that it suffered a data breach between July 14 and 23, 2023, which resulted in unauthorized access to some of its systems.

As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity breach in healthcare are not only measured in compromised data but also in jeopardized patient safety and trust.

ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack. The exact types of data exposed vary per individual, depending on the details the patients provided to the healthcare organizations using ESO's software and the care services they received.

A Verato survey offers perspectives on the data management strategies of healthcare executives, highlighting the crucial role of Healthcare Master Data Management in addressing key gaps, facilitating seamless data exchange, and aligning with the mandates of the 21st Century Cures Act. The 21st Century Cures Act set standards for the secure and frictionless exchange of data among payers, providers and consumers, including the establishment of an information-blocking rule that was finalized earlier this year.

Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? ...

Norton Healthcare, which runs eight hospitals and more than 30 clinics in Kentucky and Indiana, has admitted crooks may have stolen 2.5 million people's most sensitive data during a ransomware attack in May. During the intrusion, the criminals accessed names, contact information, Social Security Numbers, dates of birth, and may have included may have also included driver's license and government ID numbers, financial account information, and digital signatures. The not-for-profit healthcare system said it discovered the security incident, later determined to be a ransomware infection, on May 9, two days after the intrusion.

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. "On May 9, 2023, Norton Healthcare discovered that it was experiencing a cybersecurity incident, later determined to be a ransomware attack," it said in a press release published on Friday.

American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with operations and affiliates in 32 countries and a revenue of over $12 billion reported in 2022.