New Zealand private health insurer Accuro says an investigation into a cyber incident at a third party IT infrastructure provider so far has not revealed evidence of a data breach affecting its 34,000 customers. Customers should expect delayed service in claims processing.
With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health-ISAC.
The U.S. federal government says the Cuba ransomware gang actively targets critical infrastructure and that its criminal efforts have netted it $60 million so far. The group has recently modified its techniques, says an alert from the FBI and the Cybersecurity and Infrastructure Security Agency.
Web3 companies are under attack by cybercriminals all year. After a compromise occurs, how should organizations respond? In Part 2 of this interview, Martin Derka of Web3 security firm Quantstamp discusses short-term and long-term mitigation steps and how to defend against cryptocurrency theft.
Based on known ransomware attacks against the healthcare sector, here's good news: The volume of attacks seems to have declined, says Allan Liska, a principal intelligence analyst at Recorded Future. Unfortunately, most such attacks not only trigger downtime but include the theft of patient data.
Is a four-month delay between learning your systems were breached and notifying affected customers acceptable? After spotting an attack in August, private utility South Staffordshire Water in England is only beginning to alert customers that they're at risk of identity theft.
The Russia-based ransomware gang behind the hack of Australia's largest private health insurer says it posted a full set of stolen data. The Australian Information Commissioner said it will probe the insurer's personal information handling practices.
Ransomware-wielding attackers have myriad tactics for extorting victims, including demanding a stand-alone ransom for a promise to delete stolen data. But Coveware's Bill Siegel urges victims to never pay for such promises, in part because they rarely - if ever - get honored.
The latest edition of the ISMG Security Report discusses why too few organizations admit to being victims of ransomware attacks, how delayed enterprise subscription start dates forced CrowdStrike to cut sales forecasts, and leveraging threat intelligence to protect critical infrastructure.
Threat actors are targeting Web3 and making off with billions in stolen cryptocurrency. How do they find vulnerabilities and plan and execute attacks? How can you defend against such attacks? Martin Derka of Web3 security firm Quantstamp shares insights by walking a mile in a hacker’s shoes.
As three Brooklyn safety net hospitals grapple with the aftershocks of a Nov. 19 cyber incident, sources say other area hospitals are complaining about a lack of transparency. One Brooklyn Health System has been tight-lipped about the cause of the outage, which is suspected to involve ransomware.
A British judge ordered cryptocurrency trading platforms to divulge the identities of account holders accused of holding funds stolen from an English digital assets exchange. A change in civil procedure makes it easier for English judges to subpoena foreign entities in cases of financial fraud.
U.K. businesses shy from involving police in cyber incident response for fear of regulatory consequences, lawmakers sitting on Parliament's Joint Committee on National Security Strategy heard. Allowing businesses to anonymously disclose incidents would result in more data, suggested a witness.
Is the ransomware problem getting better or worse? Unfortunately, gauging attack trends continues to be complicated by the fact that many incidents never come to light publicly and many victims are hesitant to say "ransomware" when describing what hit them, says Comparitech's Rebecca Moody.
RegScale has purchased a startup founded by the FCC's former chief data officer that makes documenting compliance easier for nontechnical personnel by using a questionnaire. The GovReady deal means customers will be able to demonstrate their adherence to standards by answering questions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.