Millions of Americans will soon receive a breach notification letter from Change Healthcare, which said on Monday that it has started the process of notifying victims of the massive cyberattack and data theft incident first detected more than five months ago.
Health benefits administrator HealthEquity, which earlier this month reported to the U.S. Securities and Exchange Commission a hacking incident involving the compromised credentials of a vendor, has now told state regulators that the breach affected the information of 4.3 million individuals.
U.S. hospital chain Ascension has filed a placeholder breach report to federal regulators saying its May 8 ransomware attack affected at least 500 individuals. Meanwhile, the waiting game continues for Change Healthcare's official data breach report and individual notifications.
Healthcare groups should consider several key points about a recent Texas federal court ruling and its impact on the use of online tracker technology on the healthcare websites of HIPAA-regulated organizations, said privacy attorney Iliana Peters of the law firm Polsinelli.
Hacks and vendor incidents continue to dominate major health data breach trends in 2024, but a handful of large incidents involving "unauthorized access or disclosure" also top the list of major health data breaches reported to federal regulators so far this year. How are trends shifting?
HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a third-party vendor. The incident did not disrupt IT systems or processes.
A Chicago pediatrics hospital is notifying nearly 800,000 people that their information was compromised in a ransomware attack earlier this year. Cybercrime group Rhysida had demanded a $3.4 million ransom for data it claims to have stolen in the incident. The hospital said it did not pay.
The U.S. Department of Health and Human Services has hit a Pennsylvania-based healthcare system with a $950,000 settlement for potential HIPAA violations found during an investigation into a 2017 ransomware attack involving NotPetya. It's HHS' third enforcement action in a ransomware case.
Two weeks ago, Change Healthcare began notifying thousands of medical practices about a massive data breach affecting millions of patients. The healthcare software firm says it will handle breach notifications, but industry groups want to ensure the government will go along with that plan.
Infosys McCamish Systems, an insurance software product and services vendor, is notifying nearly 6.1 million people of a 2023 ransomware incident that potentially comprised their sensitive data, including Social Security numbers, medical treatment, and financial and biometric information.
Change Healthcare says it has begun to notify customers whose data was compromised in the February ransomware attack that affected scores of healthcare providers, health insurance plans and other organizations. The company will begin to notify affected individuals in late July.
A Texas federal court ruled the U.S. Department of Health and Human Services overstepped its authority in guidance warning HIPAA-regulated entities that it's unlawful to use online tracking tools to capture IP addresses in visits to websites containing information about maladies.
A Minnesota-based radiology practice is notifying more than 500,000 individuals that their information was accessed and potentially acquired by hackers. The incident is one of several major health data breaches reported by radiologists in recent months as affecting hundreds of thousands of patients.
Blackbaud will pay $6.75 million and improve its data security practices under a settlement with California's attorney general. The settlement is the latest between the fundraising software firm and state and federal regulators in the wake of a 2020 hack that compromised sensitive data of millions.
It's critical for CISOs to study what went wrong in major ransomware IT disruptions and breaches hitting the healthcare sector and to look closely within their own organizations for similar gaps or vulnerabilities, said Michael Prakhye, CISO of Adventist HealthCare.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.