HealthITSecurity

The federal government urged organizations to prioritize remediate known vulnerabilities, segment networks, and enable multifactor authentication to lower the risk of Rhysida ransomware. - healthitsecurity.com/news/fbi-cisa-…

Zero-day attacks pose significant dangers to the healthcare sector, but defenders can mitigate risk by patching early and often. - bit.ly/3ZyyvAW

The Health Industry Cybersecurity Practices (HICP) publication can be a key asset to improving cybersecurity within healthcare organizations of all sizes. - healthitsecurity.com/features/what-…

While security budget growth continues on an upward trend, new research shows that healthcare and other sectors are increasing their budgets by a smaller amount this year compared to last year. - bit.ly/45bRQsZ

As new state-level data privacy laws go into effect, digital health companies will have to navigate unforeseen compliance complexities. - bit.ly/3Py4VXU

A skilled nursing facility in Colorado will pay a fine and take corrective actions for allegedly failing to protect patient and employee data during a 2021 data breach. - bit.ly/3REhtzG

Abnormal Security observed a 167% increase in advanced email attacks in 2023, including business email compromise (BEC), phishing, malware, and extortion. - healthitsecurity.com/news/advanced-…

Nuance Communications notified more than 1.2 million individuals of a breach stemming from the MOVEit vulnerability. - bit.ly/3Lz9D6g

HC3 shed light on the tactics of North Korean and Chinese cyber threat actors that pose a risk to the healthcare sector, such as APT43 and APT41. - healthitsecurity.com/news/hc3-detai…

According to the lawsuit, IU Health failed to protect patient privacy and committed HIPAA violations after a 10-year-old rape victim’s abortion story was leaked to the press. - bit.ly/3PG38RM

At the HIMSS Healthcare Cybersecurity Forum, HHS representatives discussed healthcare cybersecurity focus areas for the next 12 to 24 months. - bit.ly/48fmIM4

The largest publicly operated health plan in the US paid $1.3 million to conclude two OCR HIPAA violation investigations stemming from data breaches. - bit.ly/3Phjrmy

The DOJ charged multiple Russian cybercriminals over their involvement in Trickbot malware and Conti ransomware operations, including the Conti attack on Scripps Health. - healthitsecurity.com/news/doj-charg…

Top risks to healthcare cybersecurity include notorious ransomware groups, unpatched vulnerabilities, and the sector’s reliance on technology. - bit.ly/3Pd1SnA

The healthcare accreditation organization urged healthcare organizations to form a downtime planning committee and take other actions to prioritize patient safety after a cyberattack. - healthitsecurity.com/news/joint-com…

Along with international partners, the FBI disrupted Qakbot malware and seized more than $8.6 million in cryptocurrency. - bit.ly/3Ejm9mA

The MOVEit hack and other third-party data breaches continue to impact healthcare entities across the country, this week’s data breach roundup shows. - bit.ly/3PftvOh

UnitedHealthcare paid an $80,000 settlement to HHS, marking the 45th case settled under OCR’s Right of Access Initiative. - bit.ly/44ut72C

Despite an overall decrease in healthcare data breach volume in the first half of the year, the number of records compromised increased by 31% compared to the second half of 2022. - bit.ly/45HW2Bx

Advocate Aurora Health suffered a data breach last year that impacted 3 million individuals, stemming from its use of tracking pixels. - bit.ly/3YJR9FC