Category: cybersecurity

Why hospitals are tight-lipped about cyberattacks

Hospitals are often concerned about sharing information about cyberattacks, even with one another, because of liability concerns, a health system CIO testified before Congress.

Senators probe cyber agency about role in Change hack

Three senators wrote a letter asking the U.S. Cybersecurity and Infrastructure Security Agency about its role in addressing the Feb. 21 breach on UnitedHealthcare’s subsidiary Change Healthcare, Bloomberg reported April 30. 

Hospitals still affected by Change hack, AHA says

Hospitals continue to experience “financial and operational impacts” from the Change Healthcare hack more than two months after the cyberattack on the UnitedHealth Group subsidiary, the American Hospital Association said.

UnitedHealth CEO: Hackers used stolen credentials to access Change systems

The ransomware group responsible for the Feb. 21 cyberattack on UnitedHealthcare subsidiary Change Healthcare used stolen credentials to remotely access the company’s systems, according to testimony from UnitedHealth CEO Andrew Witty. 

Hacker infiltrates emails of 23 employees at California health system

A hacker gained the log-in credentials of 23 employees of a Los Angeles-based health system during a recent phishing attack.

FTC makes changes to healthcare breach reporting

The Federal Trade Commission made changes to the Health Breach Notification Rule as it aims to better address the evolving landscape of health technology. 

MGMA seeks clarity on breach notification burden in wake of Change cyberattack

The Medical Group Management Association is seeking clarity from the HHS’ Office for Civil Rights regarding who carries the burden of providing HIPAA-required breach notifications to both the federal government and affected patients following the Chang…

Kaiser notifies patients of breach, 3rd-party data sharing

Oakland, Calif.-based Kaiser Permanente is notifying current and former patients that it shared information with third-party advertisers, TechCrunch reported April 25. 

Hospitals bulk up cybersecurity teams, budgets

Healthcare cybersecurity budgets and teams have grown significantly since 2019 as threats become more pronounced, according to an April 2024 report from Moody’s Investors Service.

Change Healthcare: Identifying stolen data will take months

UnitedHealth Group’s Change Healthcare said it will take several more months to identify the personal data that was compromised from its Feb. 21 cyberattack, The Wall Street Journal reported Feb. 25.