The Biden administration's strategy for bolstering health sector cybersecurity, which includes newly released voluntary cyber performance goals and plans to update the HIPAA Security Rule, is fueling uncertainty in some organizations, said privacy attorney Iliana Peters of law firm Polsinelli.
Breathless reports claim 3 million IoT toothbrushes have been remotely compromised and used to target unsuspecting businesses via distributed denial-of-service attacks. Just one problem: This story has more holes in it than the teeth of kid with a 10-pack-a-day Gummy Bear habit.
HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.
A federal judge has denied Kochava's latest attempt to ditch a Federal Trade Commission lawsuit alleging the firm is invading consumers' privacy and exposing them to risk by collecting and selling their location data to third parties. The FTC is also pursuing other cases against data brokers.
In the latest weekly update, ISMG editors discussed the potential role of AI in cloud security, how the recent cyberattack on Microsoft by Russian state hackers highlighted the vulnerabilities associated with legacy systems, and how to secure APIs in the age of zero trust.
Proposed legislation called the "snoopers' charter," which would allow British intelligence agencies to collect data on a large scale, cleared further parliamentary scrutiny this week despite mounting criticism from privacy advocates, watchdog groups and technology companies.
Two Chicago hospitals are navigating the effects of recent cyberattacks. One, a children's hospital, has taken its IT network offline to respond to an incident, and the other, a nonprofit safety-net hospital, is being shaken down by cybercriminals asking for a hefty ransom in return for stolen data.
Uber must pay a fine of 10 million euros to the Dutch data protection authority after the agency found the ride-hailing app maker had not been transparent about how long it kept driver data and which employees outside of Europe had access to the data.
A federal jury said Wednesday that Palo Alto Networks directly violated another cybersecurity firm's patent rights for a "threat intelligence gateway" network security technology and awarded Centripetal Networks more than $150 million in the verdict.
The Federal Trade Commission is the latest regulatory agency taking action against fundraising and customer relationship management software provider Blackbaud in the aftermath of a 2020 ransomware incident that compromised the data of tens of thousands of clients and millions of consumers.
Thanks to the massive Anthem hack, for nearly a decade 2015 has been the record year for U.S. health data breaches - with 112.5 million people affected. But 2023 shattered that record, big-time. Will 2024 be another banner year for health data compromises?
Multiple Information Sharing and Analysis Centers decried a proposed incident reporting measure for vendors selling to the U.S. federal government as being costly and ineffective. The proposal will affect three of every four contracts in which the government is a contracting party.
Social media accounts - especially those tied to government agencies, big-name companies and high-profile individuals - continue to be a top target for takeover by fraudsters and scammers, especially when it comes to X, formerly known as Twitter. What's the best way to keep these accounts secure?
Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.
A federal judge has again given the green light for a proposed consolidated class action lawsuit against Meta to proceed. The litigation claims the firm unlawfully collected patient data from the websites of hospitals and other providers through the use of its Pixel tracking tool.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.