October 24, 2024 at 11:57PM UnitedHealth confirmed a ransomware attack on Change Healthcare exposed personal information of over 100 million individuals, making it the largest healthcare data breach in recent years. The attack, attributed to the BlackCat group, caused significant operational disruption and resulted in an estimated $2.45 billion in losses for UnitedHealth. ### Meeting … Read more
October 24, 2024 at 05:19PM A recent study reveals that nearly 400 US healthcare organizations experienced ransomware attacks this fiscal year, leading to compromised data, operational disruptions, and increased patient volume. The average ransom paid has reached $4.4 million, highlighting healthcare’s vulnerability and the involvement of various nation-state actors in these cyberattacks. **Meeting Takeaways:** 1. … Read more
October 24, 2024 at 06:46AM This year, ransomware impacted 389 US healthcare organizations, risking patient safety and costing up to $900,000 daily in downtime. Attacks led to increased emergency cases and dwindling survival rates. Organized groups, primarily Iranian, have intensified these intrusions, facilitated by ransomware-as-a-service and geopolitical factors. **Meeting Takeaways:** 1. **Ransomware Impact on Healthcare:** … Read more
September 19, 2024 at 08:24AM The healthcare industry faces a critical need for cybersecurity due to increasing cyberattacks, with ransomware holding hospitals’ systems hostage and causing patient care disruptions. Poor cybersecurity hygiene exposes vulnerabilities, leading to devastating consequences. Healthcare organizations can improve by continuous monitoring, 24×7 security operations, third-party risk management, regular patching and encryption, … Read more
April 10, 2024 at 05:22PM MedSec, a medical device security firm, has launched the Hospital Roadmap to Resilience ProgramSM, assisting hospitals in enhancing cybersecurity to protect patients. With a focus on resource-constrained hospitals, the program offers foundational policies, processes, and procedures, enabling informed risk decisions and basic network risk management. MedSec aims to address the … Read more
January 8, 2024 at 01:29PM Threat actors are targeting medical institutions through “swatting,” a form of pressure tactic involving fake bomb threats to force hospitals to pay ransom demands. Intrusions at Fred Hutchinson Cancer Center and Integris Health illustrate the escalation in cyber-extortion tactics. It remains to be seen whether these measures will yield ransom … Read more
December 27, 2023 at 04:06PM German hospital network KHO confirmed a Lockbit ransomware attack on three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, impacting their IT systems. Patient treatment continues, but emergency care is unavailable, leading to potential delays. Investigations are ongoing, and it’s unclear if patient data was stolen. Technical restrictions are in place, but … Read more
December 6, 2023 at 10:01AM The FDA and ONC are creating guidelines for AI in healthcare, focusing on transparency, data quality, and model validation. The ONC’s new rules aim to certify EHRs with fair and safe decision support tools. Healthcare companies are advised that AI tools must be safe, effective, explainable, and secure. **Clear Takeaways … Read more