The list of ophthalmology practices and the number of individuals affected by a December hacking incident at a cloud-based electronic health records vendor, which resulted in deleted databases, are growing as more details about the attack slowly emerge.
In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health, which operates hundreds of healthcare facilities in the U.S., Mexico and South America.
The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations." Called NIS2, it is a modernized framework based on the EU Network and Information Security Directive.
A recent ransomware attack disclosed by a medication management systems provider is the latest reminder of persistent cybersecurity threats and risks facing healthcare supply chain and related vendors, as well as their customers. What's at stake?
New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
Ponemon Institute’s recent report highlights that most organizations do not have an enterprise-wide strategy for reducing the risk of authentication failures.
So, what happens to the significant cost to businesses when organizations are unable to verify user ID due to weaknesses in the authentication...
New cyber incident reporting rules are set to come into effect in the U.S. on May 1. Banks in the country will be required to notify regulators within 36 hours after an organization suffers a qualifying "computer-security incident." What does this mean for banks, and what are the likely challenges?
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
Half of the 10 largest health data breaches so far in 2022 - affecting millions of individuals - have been added to the federal tally in just the last month as the latest wave of major hacking incidents being reported to regulators continues to grow.
Insights to help you quantify security risk.
The Cost of a Data Breach Report offers insights that help you understand risk in a changing world. Understand broad trends, and dive deeper into factors that can amplify costs or help mitigate financial losses. Register for the report to discover:
Cost mitigation...
The American Dental Association allegedly was hit with an attack by new ransomware group "Black Basta." ADA is the latest medical professional organization to have a cyber incident disrupt services and potentially affect members' information. Tenet Health also experienced a cyberattack last week.
The Verizon 2021 Data Breach Investigations Report (2021 DBIR) examines more breaches than ever before, and sheds light on how the most common forms of cyber-attacks affected the international security landscape during the global pandemic. This year’s report saw 5,258 breaches from 83 contributors across the globe,...
The U.S. telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts. The company says hackers did not steal any sensitive customer or government information during the incident.
To answer questions about the state of their cybersecurity posture, CISOs need to have a rigorous process to measure and analyze cyber risk. Furthermore, understanding and quantifying risk levels is key to developing a bulletproof cybersecurity strategy.
In this eBook, we cover:
Why cyber risks arise and how to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.