Third-Party Risk Management, Governance & Risk Management, Healthcare New Guide Aims to Help Organizations Focus on Vendor Risks Strategically Marianne Kolbasuk McGee ( HealthInfoSec) • October 8, 2025 The SMART Toolkit from the Health Sector Coordinating Council aims to assist healthcare entities in managing third-party risk effectively. (Image: HSCC) The…
3rd Party Risk Management, Data Breach Notification, Data Security Recent Breaches Uncover Cyber Risks to Patient Records Associated with Third-Party Vendors Marianne Kolbasuk McGee (HealthInfoSec) • September 24, 2025 Healthcare providers frequently face IT interruptions and the cleanup of data breaches involving third-party vendors. (Image: Getty Images) The healthcare sector…
Certainly! Here’s a rewritten version of the provided content tailored for a tech-savvy professional audience, focusing on clarity and factual reporting while incorporating relevant cybersecurity frameworks. Cyber Threat Landscape in 2024: Rising Challenges for SaaS Security As we approach the end of 2024, the cybersecurity landscape reveals a troubling surge…
Ransomware incidents have surged dramatically within the healthcare sector, revealing critical vulnerabilities that threaten millions. Notably, UnitedHealth has reported that 190 million Americans suffered personal and healthcare data breaches due to a ransomware attack on Change Healthcare, nearly doubling earlier estimates. This incident underscores how ransomware can effectively compromise essential…
Navigating New Cyber Threats: The Shift from Third-Party Vendors to U.S. Tariffs in Supply Chain Security
Apr 16, 2025
Artificial Intelligence / Software Security
Introduction
Cyber threats aimed at supply chains are becoming increasingly concerning for businesses across various sectors. As companies deepen their reliance on third-party vendors, cloud services, and global logistics, cybercriminals are seizing opportunities to exploit vulnerabilities in these interconnected systems. By first targeting a third-party vendor with unnoticed security flaws, attackers can establish a foothold, using these weaknesses to penetrate the networks of primary business partners. This allows them to move laterally through vital systems, ultimately accessing sensitive data, financial assets, intellectual property, or even operational controls. Recent high-profile incidents, such as the 2024 ransomware attack on Change Healthcare—one of the largest health payment processing firms—illustrate how attackers can disrupt supply chain operations and compromise millions of patients’ protected health information (PHI), stealing up to 6TB of data.
New Cyber Threats Emerging in Supply Chains: From Third-Party Vendors to U.S. Tariffs April 16, 2025 Artificial Intelligence / Software Security As businesses increasingly rely on third-party vendors and cloud services, cyber threats targeting supply chains have surged to the forefront of corporate concerns. Cybercriminals are keenly aware of the…
Navigating New Cyber Threats: The Shift from Third-Party Vendors to U.S. Tariffs in Supply Chain Security
Apr 16, 2025
Artificial Intelligence / Software Security
Introduction
Cyber threats aimed at supply chains are becoming increasingly concerning for businesses across various sectors. As companies deepen their reliance on third-party vendors, cloud services, and global logistics, cybercriminals are seizing opportunities to exploit vulnerabilities in these interconnected systems. By first targeting a third-party vendor with unnoticed security flaws, attackers can establish a foothold, using these weaknesses to penetrate the networks of primary business partners. This allows them to move laterally through vital systems, ultimately accessing sensitive data, financial assets, intellectual property, or even operational controls. Recent high-profile incidents, such as the 2024 ransomware attack on Change Healthcare—one of the largest health payment processing firms—illustrate how attackers can disrupt supply chain operations and compromise millions of patients’ protected health information (PHI), stealing up to 6TB of data.
A recent cyber breach involving Allianz Life has led to the exposure of personal information for approximately 1.1 million individuals. This incident adds to a concerning trend of significant data breaches affecting major U.S. corporations, including Microsoft Corporation MSFT and UnitedHealth Group Inc. UNH. Allianz Life Data Compromise Affects Millions…
Data Privacy, Data Security, Healthcare Healthplex, a UnitedHealth Group Subsidiary, Fined for Lacking MFA on Compromised Email Account Marianne Kolbasuk McGee (HealthInfoSec) • August 18, 2025 New York State fined a dental plan administrator owned by insurer UnitedHealth Group $2 million for failing to protect data with multifactor authentication. (Image:…
Data Breach at UnitedHealth Group Affects 192.7 Million Individuals Recent reports from the U.S. Department of Health and Human Services reveal that the data breach involving UnitedHealth Group last year impacted the personal information of approximately 192.7 million individuals. This figure surpasses the initial estimate of 190 million disclosed by…
Data Breach Notification, Data Privacy, Data Security Lawmakers Press UnitedHealth Group for Clarification Following New Breach Marianne Kolbasuk McGee (HealthInfoSec) • August 7, 2025 Recent developments have placed UnitedHealth Group (UHG) in a precarious position following the revelation of a significant breach involving its subsidiary, Episource, which reportedly affects 5.4…
