It all happened in less than 48 hours: a ransomware attack, vital hospital computer systems shut down, a bitcoin payment secured on the dark web, and decryption codes used to make systems operational again. A cyberattack no one saw coming in January 2018 taught Hancock Regional Hospital officials a valuable lesson: Investing in cybersecurity is crucial.

Sacramento, Calif.-based Sutter Health patients filed a lawsuit against the health system for allegedly sharing patients' private information, attained through the health system's website, with technology giants such as Facebook and Google, Courthouse News Service reports.

Florida law firm Morgan & Morgan filed a class-action lawsuit on June 12 in New Jersey against Quest Diagnostics after the laboratory testing company disclosed that it had experienced a data breach that exposed 11.9 million patients, according to the Connecticut Law Tribune.

Humana has notified 5,569 members of a security incident that exposed members' personal information.

Many hospitals — 83 percent — have seen an influx in the number of cyberattacks in the past year, according to a survey by cybersecurity firm Carbon Black.

Quest Diagnostics and Laboratory Corp. of America will likely not face any reputational damages or client losses following a data breach that exposed the information of nearly 20 million patients combined because they have such strong positions in the clinical lab market, according to Moody's.

Kingman (Ariz.) Regional Medical Center is notifying patients of a potential security incident that has left its website down since April 8, the Daily Miner reports.

The Vermont Supreme Court has ruled that patients can file lawsuits against hospitals and employees for privacy breaches, according to the HIPAA Journal.

For hospitals and health systems looking to overhaul or update their security infrastructure, there are three things to consider, according to Fawn Staerkel, director of strategic accounts at Johnson Controls and cited by Campus Safety Magazine.

Grand Rapids, Mich.-based Mercy Health began notifying approximately 1,000 patients on May 24 about a data breach that may have exposed patient data, according to mlive.com.

Senators have begun investigating the Quest Diagnostic and Laboratory Corp. of America vendor data breach that exposed nearly 20 million patients, according to The Hill.

Opko Health is the third healthcare company to learn its patients were affected in the American Medical Collection Agency data breach, according to Reuters.

Since Jan. 1, hospitals and health systems have experienced varying sized data breaches. Some had to alert close to 1 million patients their information may have been exposed, while others only issued notices to a few hundred.

Hackers may soon be able to steal passwords and other data by simply analyzing the sounds of typing on different devices, according to The Wall Street Journal.

Medical testing company Laboratory Corp. of America learned 7.7 million of its patients may have had their data exposed in the same vendor breach as Quest Diagnostics, according to The Wall Street Journal.

Some personal information from University of Chicago Medicine patients and donors was mistakenly exposed on June 3, the health system confirmed to the Chicago Tribune.

Premera Blue Cross has agreed to settle a data breach lawsuit that was brought against the insurer after a cyberattack in May 2014 exposed 10.6 million patients.

Numerous privacy incidents at hospitals, IT suppliers and other healthcare organizations captured public attention last month.

The reasons the password "123456" is made for an email account is often attributed to ignorance or laziness; however, other weak passwords are not because they are random, but personal to users, according to an opinion piece in The Wall Street Journal by Dr. Karen Renaud of Abertay University in Dundee, Scotland.

Jeff Tully, MD, pediatrician, anesthesiologist and security researcher affiliated with University of California Davis Medical Center, has extensive expertise in medical device cybersecurity.