In its initial legislative agenda, the United Kingdom's newly elected Labour government has introduced a new cybersecurity bill in a bid to address rising cyberthreats to the country. The bill seeks to reduce the severity of cyberattacks on essential services and improve cybersecurity preparedness.
Fallout from the February ransomware hit on Change Healthcare, including the theft of data pertaining to up to one-third of Americans, has so far led to $2 billion in costs and may yet reach $2.5 billion, says parent company UnitedHealth Group.
Hacks and vendor incidents continue to dominate major health data breach trends in 2024, but a handful of large incidents involving "unauthorized access or disclosure" also top the list of major health data breaches reported to federal regulators so far this year. How are trends shifting?
Regulators in several states are warning consumers to stay vigilant against identity theft and fraud crimes as millions of patients across America await notification from Change Healthcare to learn whether they were affected by a massive February ransomware attack and data breach.
A Pennsylvania-based debt collector originally told regulators in April that a hacker compromised the personal identifiable information of 1.9 million people. Now the company says the data breach affected more than 4 million people and included patient medical information.
A Chicago pediatrics hospital is notifying nearly 800,000 people that their information was compromised in a ransomware attack earlier this year. Cybercrime group Rhysida had demanded a $3.4 million ransom for data it claims to have stolen in the incident. The hospital said it did not pay.
Two weeks ago, Change Healthcare began notifying thousands of medical practices about a massive data breach affecting millions of patients. The healthcare software firm says it will handle breach notifications, but industry groups want to ensure the government will go along with that plan.
Infosys McCamish Systems, an insurance software product and services vendor, is notifying nearly 6.1 million people of a 2023 ransomware incident that potentially comprised their sensitive data, including Social Security numbers, medical treatment, and financial and biometric information.
Microsoft is alerting its customers whose data may have been accessed by Russian state hackers following a January attack that compromised the emails of company executives. Microsoft also shared a link to a custom-built secure system that customers can use to review their stolen data.
An ex-employee of Microsoft's Nuance Communications unit is at the center of a 2023 data breach that affected more than 1 million patients of Pennsylvania-based healthcare system Geisinger. The Department of Justice has criminally charged the former Nuance worker in the incident.
Change Healthcare says it has begun to notify customers whose data was compromised in the February ransomware attack that affected scores of healthcare providers, health insurance plans and other organizations. The company will begin to notify affected individuals in late July.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
A Minnesota-based radiology practice is notifying more than 500,000 individuals that their information was accessed and potentially acquired by hackers. The incident is one of several major health data breaches reported by radiologists in recent months as affecting hundreds of thousands of patients.
Medibank's lack of MFA on its global VPN allowed a hacker to use credentials stolen from an IT services desk contractor to access the private health insurer's IT systems in 2022, leading to a dark web data leak affecting 9.7 million individuals, Australian regulators said in court documents.
Two U.S. senators are demanding UnitedHealth Group report a HIPAA breach and notify affected individuals no later than June 21, alleging the company is already violating HIPAA by dragging out the notification process in the aftermath of the Feb. 21 cyberattack on Change Healthcare.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.