Cybersecurity

The Department of Health and Human Services submitted proposed updates to the 20-year-old HIPAA Security Rule to the White House for review, aiming to enhance the cybersecurity protections for electronic health information, GovInfoSecurity reported Oct. 23.

In 2024, Iranian hackers emerged as the most active cyber attackers targeting healthcare organizations, an Oct 22 report from Microsoft found. 

It's not just cyberattacks. Hospital IT leaders have to be on the lookout for another way they could lose their data: "rage deletion."

In 2024, 389 U.S. healthcare institutions were hit by ransomware, which led to widespread network shutdowns, offline systems, delays in critical medical procedures and the rescheduling of appointments, an Oct. 22 report from Microsoft found. 

Change Healthcare continues to see business disruption from the February cyberattack as its leadership team aims to modernize the technology platform and win back customers.

Nashville, Tenn.-based Vanderbilt University Medical Center is alerting its employees to the rising threat of "vishing," a form of AI-generated voice phishing.

A CMS contractor has agreed to pay a $306,722 fine for not securing screenshots of patient data.

Boston Children's Health Physicians reported patient data exposure after a third party vendor suffered a data breach.

A federal grand jury indicted two Sudanese nationals for cyberattacks including a 2024 hack of Los Angeles-based Cedars-Sinai.

Iranian hackers are increasingly targeting healthcare organizations, using "brute force" and password spraying attacks to compromise user accounts and gain unauthorized access to sensitive systems.