Category: cybersecurity

The U.S. government has charged the alleged mastermind of a hacking group that extorted hospitals.

Hospitals should be on the lookout for “vishing,” a new form of cybercrime that uses artificial intelligence, a health system CIO said.

Hackers accessed employee email accounts at Columbia, Md.-based MedStar Health, compromising the data of 183,079 patients, the health system said in a May 3 notice on its website. 

American Hospital Association President and CEO Rick Pollack said the recent hearings about the Change Healthcare hack have shed light on the extensive reach and influence of UnitedHealth Group, the parent company of Change. 

Hospitals are often concerned about sharing information about cyberattacks, even with one another, because of liability concerns, a health system CIO testified before Congress.

Three senators wrote a letter asking the U.S. Cybersecurity and Infrastructure Security Agency about its role in addressing the Feb. 21 breach on UnitedHealthcare’s subsidiary Change Healthcare, Bloomberg reported April 30. 

Hospitals continue to experience “financial and operational impacts” from the Change Healthcare hack more than two months after the cyberattack on the UnitedHealth Group subsidiary, the American Hospital Association said.

The ransomware group responsible for the Feb. 21 cyberattack on UnitedHealthcare subsidiary Change Healthcare used stolen credentials to remotely access the company’s systems, according to testimony from UnitedHealth CEO Andrew Witty. 

A hacker gained the log-in credentials of 23 employees of a Los Angeles-based health system during a recent phishing attack.

The Federal Trade Commission made changes to the Health Breach Notification Rule as it aims to better address the evolving landscape of health technology.