Fallout is mounting, and new developments are emerging in several high-profile health data hacks. Data breaches reported in recent weeks and months at a medical transcription vendor, a hospital chain and a law firm are affecting a growing list of clients and individuals - and triggering lawsuits.
Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers. The SQL injection vulnerability tracked as CVE-2023-39336 is in all supported versions of Ivanti Endpoint Manager.
The U.S. Department of Justice announced Friday that it has wrapped up its investigation of the xDedic dark web marketplace and successfully dismantled the multinational criminal organizations, leading to charges against 19 individuals, including administrators, developers and customer service reps.
Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection. The move aims to address evolving cyberthreats by offering insights into human behaviors and risks and empowering customers.
A proposed settlement has been reached between Merck & Co. and several insurers that were appealing a 2023 court decision saying the insurance companies could not invoke "hostile warlike action" exclusions in refusing to pay drugmakers' claims filed after the 2017 NotPetya cyberattack.
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
In the latest weekly update, four ISMG editors discussed the number of ransomware victims who are paying a ransom to cybercriminals, the need for greater cyber resilience during wartime, and the critical role of human risk management in organizational cybersecurity in the era of remote work.
It's a new year, but federal regulators are beating an old HIPAA drum: The Department of Health and Human Services has hit a New Jersey medical practice with a $160,000 settlement in the agency's 46th enforcement action involving HIPAA complaint about right of access to health records.
Accenture has finalized its acquisition of U.K. tech consultancy firm 6point6, which specializes in cybersecurity, cloud and digital transformation solutions. The acquisition will add 6point6's 400 staffers to Accenture in support of its business in the U.K. market.
An upstate New York hospital group has filed a lawsuit against cybercriminal group LockBit in a legal maneuver aimed at forcing a Boston-based cloud services firm to turn over patient data LockBit had stolen from the entities last summer and allegedly stored on the tech company's servers.
Mobile password managers are different from computer-based password managers due to different constraints found in the mobile operating system, said Ankit Gangwal, assistant professor at the International Institute of Information Technology. He shed light on the risks introduced by AutoSpill.
The court system of Victoria said it had experienced a serious cybersecurity incident in late 2023 that gave hackers access to video recordings of proceedings at multiple courts, including the Supreme Court and the County Court. The hack took place on Dec. 8 and was discovered two weeks later.
A hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
Chase Cunningham discusses his new book, "How NOT to Lead: Lessons Every Manager Can Learn from Dumpster Chickens, Mushroom Farmers, and Other Office Offenders,” which details critical errors that can undermine your cybersecurity leadership and jeopardize your reputation and your company's future.
A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.