From netsec.news
First HIPAA Risk Analysis Enforcement Initiative Financial Penalty Issued by OCR - NetSec.News
1 1
The HHS Office for Civil Rights (OCR) reported its second settlement involving a ransomware-related HIPAA violation. This settlement is the first HIPAA enforcement action under ... Read more
#HIPAA #compliance #healthprivacy #dataprotection
18h ago
From netsec.news
Zero day vulnerability exploited in FortiManager - NetSec.News
0 0
Fortinet has warned of a critical vulnerability in its FortiManager management platform, a tool that defines network and security policies for all its products. At ... Read more
on Nov 6
From netsec.news
Change Healthcare Cyberattack Cost to Rise to $2.46bn - NetSec.News
0 0
The Change Healthcare cyberattack was detected on February 21, 2024. Multiple cybercriminal groups have obtained a copy of the stolen data. As many as 1 in 3 Americans have been affected.
on Oct 22
From netsec.news
New York's New Cybersecurity Rules for General Hospitals - NetSec.News
0 0
On October 2, 2024, New York introduced new laws requiring “general hospitals” across the state to enforce cybersecurity measures. Before this law, state hospitals were ... Read more
on Oct 18
From netsec.news
700,000+ DrayTek Routers Exposed to Security Vulnerabilities - NetSec.News
0 0
A series of new security vulnerabilities affecting DrayTek routers have been discovered, putting over 700,000 devices at risk of exploitation. Researchers found that these flaws ... Read more
on Oct 7
From netsec.news
0 0
A criminal investigation was due after discovering that the Department of Veterans Affairs (VA) employees accessed the medical files of vice presidential candidates Minnesota Governor ... Read more
on Oct 7
From netsec.news
Global Cybersecurity Agencies Release Principles for Securing Operational Technology - NetSec.News
0 0
On October 2, 2024, a set of principles titled Principles of Operational Technology Cybersecurity was released by cybersecurity agencies from Australia, the U.S., and other international partners. ... Read more
on Oct 3
From netsec.news
0 0
Microsoft published an alert regarding a cybercriminal group known as Vanilla Tempest, which is deploying INC ransomware to attack the U.S. healthcare industry. INC ransomware, ... Read more
on Sep 27
From netsec.news
Windows MSHTML Platform Zero Day Vulnerability Actively Exploited by APT Group - NetSec.News
0 0
Microsoft patched a vulnerability on September Patch Tuesday yet attackers are still exploiting the vulnerability to install data-stealing malware. Vulnerability CVE-2024-43461 is identified as a ... Read more
on Sep 20
From netsec.news
Texas challenges HHS HIPAA rule on reproductive health privacy - NetSec.News
0 0
Texas Attorney General has filed a lawsuit against the U.S. Department of Health and Human Services (HHS) challenging the new HIPAA rule on reproductive healthcare ... Read more
on Sep 16
From netsec.news
Alert Issued About Russian Hacking Group Attacking Critical Infrastructure - NetSec.News
0 0
The Federal Bureau of Investigation (FBI), National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and their partners have published a joint cybersecurity warning ... Read more
on Sep 14
From netsec.news
House of Representatives Reviews the Healthcare Cybersecurity Act - NetSec.News
0 0
The introduction of the bipartisan Senate bill known as the Healthcare Cybersecurity Act was a response to the Change Healthcare ransomware attack and presently has ... Read more
on Sep 9
From netsec.news
Answers Required from DOL Regarding State Agencies' Surprise Inspections - NetSec.News
0 1
Two House Democrats wrote to Department of Labor (DOL) Acting Labor Secretary Julie Su requiring replies regarding allegations that California and South Carolina Occupational Safety ... Read more
on Sep 4
From netsec.news
464,000 People Impacted by Kootenai Health Ransomware Attack - NetSec.News
0 0
Health system Kootenai Health based in Coeur d’Alene, ID serves northern Idaho and the Inland Northwest. It recently reported a data security breach that affected ... Read more
on Aug 27
From netsec.news
0 1
A VA medical center located in Prescott, AZ, was unable to keep its employees safe from critical and possibly fatal patient violence. This is the second time in four years that the Occupational Safety and Health Administration (OSHA) has reported the VA medical center for allowing its employees...
on Jul 27
From netsec.news
PHI Exposed in HealthEquity Cyberattack - NetSec.News
0 0
Financial technology and business services provider HealthEquity based in Draper, UT encountered a cyberattack that exposed SharePoint data, including protected health information (PHI). HealthEquity offers the following services: health savings account (HSA), and consumer-focused benefits...
on Jul 21
From netsec.news
Cyber Fire Drills: A New Tool to Fight Healthcare Cyberattacks - NetSec.News
0 0
Cyber fire drills are short, targeted simulations that mimic real-world cybersecurity attacks.
on Jul 19
From netsec.news
SkinCure Oncology Email Account Breach - NetSec.News
0 0
SkinCure Oncology in Burr Ridge, IL has informed 13,434 individuals regarding an email attack that happened in June 2023. SkinCure Oncology has sent personal notifications to patients who had their protected health information (PHI) compromised because of an email breach. Based on the substitute...
on Jul 16
From netsec.news
0 0
CHIME and some healthcare provider organizations wrote to Melanie Fontes Rainer, the Office for Civil Rights (OCR) Director, for clarity and information for physicians and healthcare providers concerning the reporting requirements associated with the Change Healthcare data breach. The HHS...
on Jul 9
From netsec.news
PHI of 175,195 Patients Exposed in South Texas Oncology and Hematology Cyberattack - NetSec.News
0 0
Cancer treatment center South Texas Oncology and Hematology (STOH) based in San Antonio, TX has informed 176,303 patients about a cyberattack discovered on February 15, 2024. STOH has seven centers located in Texas with over 405 employees and approximately generates $8 million in yearly revenue....
on Jul 4
From netsec.news
Surgeon Who Exposed Transgender Care to Minors Charged with Criminal HIPAA Violations - NetSec.News
0 0
The Department of Justice has revealed the indictment against surgeon Eithan Haim, MD. Haim was the whistleblower who provided the press with documents regarding minors at Texas Children’s Hospital who got gender-affirming care. Haim faces charges of four criminal violations of the Health...
on Jul 1
From netsec.news
Court Ruling Changes OCR’s Website Tracking Technology Guidance - NetSec.News
0 0
A Texas federal judge made a decision that the guidance set by the HHS’ Office for Civil Rights about website tracking technologies was illegal, stating that OCR went beyond its authority when it released the guidance. According to the judge, metadata obtained from an unauthenticated website is...
on Jun 26
From netsec.news
ComplianceJunction HIPAA Training Course Receives AHIMA Accreditation - NetSec.News
0 0
ComplianceJunction’s HIPAA training course has been accredited by the American Health Information Management Association (AHIMA), which means CEUs can be earned by completing the course.
on Jun 26
From netsec.news
2.8 Million Individuals Affected by Sav-Rx Data Breach - NetSec.News
0 1
Medication Benefit Management solutions provider to health plans, A&A Services based in Fremont, Nebraska, also known as Sav-Rx, encountered a cyberattack on October 8, 2023. It was confirmed that the Sav-Rx data breach affected the protected health information (PHI) of 2,812,336 people. A...
on Jun 26
From netsec.news
Email Accounts Compromised at Children’s Health Care - NetSec.News
0 1
Children’s Health Care in Minneapolis, MN, doing business as Children’s Minnesota, found out that patients’ protected health information (PHI) was compromised in an email security incident that was identified on March 13, 2024. Children’s Health Care is a large pediatric healthcare provider in...
on Jun 26
From netsec.news
Cyber Attack on the Snowflake Platform - NetSec.News
0 0
A financially driven threat actor monitored as UNC5537 is executing a cyber attack on Snowflake client databases. About 165 Snowflake clients are believed to have been impacted. Snowflake is a multi-cloud data storage platform that clients use for storing and analyzing large amounts of...
on Jun 26
From netsec.news
Is Wix HIPAA Compliant? - NetSec.News
0 1
Wix is not HIPAA compliant and websites built on the platform should not collect PHI unless an exception applies or PHI is isolated.
on Jun 26
From netsec.news
0 1
Ascension Cyberattack Investigation Ascension, the biggest nonprofit and Catholic health system in America, stated it is looking into a suspected cyberattack that has interrupted clinical operations. As a safety precaution, business associates have been instructed to disconnect from its systems....
on Jun 26
From netsec.news
0 1
Moffitt Cancer Center Impacted by the Advarra Data Breach Moffitt Cancer Center reported a data security breach that occurred at Advarra. Advarra is Moffitt Cancer Center’s provider of services associated with patient care and treatment as well as a research study. On October 26, 2023, Advarra...
on Jun 26
From netsec.news
0 1
PHI of 858K Individuals Exposed in Superior Air-Ground Ambulance Service Data Breach Superior Air-Ground Ambulance Service provides ambulance and Emergency Medical Services (EMS) in Michigan, Indiana, Illinois, Ohio, and Wisconsin. It reported the exposure and theft of the protected health...
on Jun 26
From netsec.news
0 1
Hypertension-Nephrology Associates Patients Affected by Data Theft Incident Hypertension-Nephrology Associates based in Michigan reported recently that it was targeted by a cyberattack last February 2024. An unidentified threat actor left a ransom note on its computer program requiring payment...
on Jun 26
From netsec.news
0 1
The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Multi-State Information Sharing and Analysis Center, and Department of Health and Human Services published a joint cybersecurity alert about the Black Basta ransomware variant. Threat actors used this...
on Jun 26
From netsec.news
Health Data Analytics Company Submits 1.1-Million Record Data Breach Report - NetSec.News
0 1
Berry, Dunn, McNeil & Parker, LLC (BerryDunn), an accounting and consulting company based in Portland, ME filed a data breach report with the Maine Attorney General that affected the personal data of 1,107,354 people. BerryDunn is a health data analytics services provider to healthcare...
on Jun 26
From netsec.news
0 0
On June 7, 2024, Senators Marsha Blackburn (R-TN) and Maggie Hassan (D-NH) sent a letter to UnitedHealth Group CEO Andrew Witty telling him to issue the notifications involving the ransomware attack on Change Healthcare on February 21, 2024. Affected individuals need to know about the ransomware...
on Jun 25
From netsec.news
Cencora/Lash Group Faces Class Action Lawsuit Over Cyberattack - NetSec.News
0 0
Cencora Inc. and The Lash Group LLC are facing a data breach-related lawsuit filed by plaintiff Keith Wolford. Allegedly, the defendants were unable to enforce reasonable and proper safety measures to protect the privacy of personally identifiable information (PII) and protected health...
on Jun 25
From netsec.news
FBI Recovers 7,000 Decryption Keys Through Operation Cronos - NetSec.News
0 0
The Federal Bureau of Investigation (FBI) advises LockBit ransomware attack victims to contact the Internet Crime Complaint Center (IC3). The FBI has secured over 7,000 decryption keys that past victims can use to retrieve their data files at no cost. During the 2024 Boston Conference on Cyber...
on Jun 25
From netsec.news
23andMe 2023 Data Breach Investigated by Security Regulators - NetSec.News
0 0
Data security regulators in the U.K. and Canada have started a mutual investigation of 23andMe concerning its 2023 data breach where about 7 million individuals or approximately 50% of its clients were impacted. 23andMe is a company offering direct-to-client genetic testing through DNA analysis...
on Jun 25
From netsec.news
Ransomware Attack on Synnovis Affects London Hospitals - NetSec.News
0 0
Synnovis, a UK-based medical laboratory services provider encountered a ransomware attack that disrupted patient services at several NHS hospitals in London. Operations at the following hospitals and care centers were affected: Guy’s Hospital King’s College Hospital St Thomas’ Hospital Evelina...
on Jun 25
From netsec.news
February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days - NetSec.News
0 0
Microsoft has released patches to fix 73 flaws across its product suite, including 2 zero-day bugs that are being actively exploited.
on Mar 13