A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.
The count of known U.S. organizations that fell victim to ransomware last year - whether or not they paid a ransom - surged from 220 to 321, and hospital systems, K-12 school districts and post-secondary schools were especially affected, researchers report.
State regulators fined a New York hospital $300,000 to settle privacy violations related to the organization's prior use of tracking tools in its websites and patient portal. Regulators said the hospital violated HIPAA rules in sharing patient information with third parties for marketing purposes.
The European Central Bank beginning this month will conduct cyber stress tests on banks to determine their resilience against cyberattacks. The agency is requiring 109 banks in Europe to perform vulnerability assessments and incident response evaluations by mid-2024.
Looking ahead to 2024, cybersecurity professionals and experts in artificial intelligence shared with ISMG their hopes for strong, responsible regulations and new partnerships with private sector stakeholders and international collaborators to keep pace with the evolving threat landscape.
It's time for companies dealing with non-HIPAA-regulated health information to plan their compliance with Washington state's My Health My Data Act, which goes into effect in the new year and affects organizations that are based in other states, said attorney James Hennessy of law firm Reed Smith.
The New York Times is suing OpenAI and its chief backer Microsoft for copyright infringement, alleging that OpenAI used without permission "millions" of its copyrighted articles to train the large language models used by ChatGPT and by extension Bing Chat and Copilot.
In this weekly update, four editors at Information Security Media Group delve into key 2023 cybersecurity issues, spotlighting efforts by the Biden administration, proposed U.S. healthcare cybersecurity laws, and crucial upcoming dates for the information security community.
Google reached a preliminary settlement in a class action lawsuit that alleged the tech giant had misled consumers about their privacy protections when using the private browsing Incognito mode of its Chrome web browser. The settlement came on the heels of a court ruling clearing the case for trial.
Albania's Parliament and a telecommunications service provider faced online attacks on Christmas day, according to the Albanian National Authority for Electronic Certification and Cyber Security. Iranian hackers called Homeland Justice have claimed responsibility for the latest wave of attacks.
This week in the cryptocurrency industry, Thunder Terminal successfully prevented a hack, Changpeng Zhao ranking 34th on a list of billionaires, Coinbase refuted a senator's allegations of subverting crypto regulations, and scammers stole $3 million in 24 hours using fake ads.
AI holds great promise for automating and improving many healthcare processes and tasks - including clinical decision support - but if some users become overly dependent on these systems, that could be potentially detrimental to patients, says attorney Lee Kim of HIMSS.
A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S. that can result in "potential catastrophic impact to hospital operations and patient care."
British prosecutors have sentenced a teenager behind high-profile hacks while he was part of the now-inactive Lapsus$ hacking group. Arion Kurtaj, from Oxford, will remain in medical care after doctors declared he was unfit to stand for trial owing to severe autism.
The Federal Trade Commission has banned Rite Aid from using AI-based facial recognition technology for security surveillance for five years after the retail drug store chain failed to implement safeguards such as mitigating risks for inaccurate outputs based on race and gender.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.