Cybercrime, Data Breach Notification, Data Security Texas Incident Marks Largest Data Breach Reported by a Health Plan in 2025 Marianne Kolbasuk McGee (HealthInfoSec) • March 14, 2025 New Era Life Insurance Companies is notifying 355,500 individuals about a hack that compromised their information, the largest reported health data breach this…
New Era Life Insurance Suffers Major Data Breach Affecting Over 335,000 Individuals A significant cybersecurity incident has emerged from Texas, where New Era Life Insurance Companies has reported a data breach impacting more than 335,000 clients. This incident, which occurred in December 2024, has become the largest health-related data breach…
Cybercrime, Data Breach Notification, Data Security Texas Health Plan Reports Largest Data Breach of 2025 Marianne Kolbasuk McGee (HealthInfoSec) • March 14, 2025 New Era Life Insurance Companies is notifying 355,500 individuals of a data breach – the most significant health data incident reported by a health plan to federal…
In a recent discussion, Keith Fricke, a partner and principal consultant at tw-Security, highlighted ongoing vulnerabilities posed by legacy applications and medical devices within healthcare IT environments. Despite their susceptibility to cybersecurity risks, many organizations remain largely unaware of the extent of these outdated systems in their operational framework. Fricke…
Healthcare organizations are custodians of vast amounts of personal and financial data, rendering them attractive targets for cybercriminals. As the frequency of cyberattacks on this sector continues to rise, a notable shift is underway, as evidenced by a recent survey conducted by the Healthcare Information and Management Systems Society (HIMSS).…
Black Basta Cyberattack on Ascension Health Raises Concerns Over Healthcare Security In a significant cyber incident, the Black Basta ransomware group targeted Ascension Health, one of the largest Catholic healthcare providers in the United States, leading to widespread disruption in operations. The attack, which occurred in May 2024, resulted in…
Healthcare, HIPAA/HITECH, Industry Specific Health Industry Associations Express Concern Over Proposed Cybersecurity Regulations Marianne Kolbasuk McGee (HealthInfoSec) • February 27, 2025 A coalition of healthcare organizations urged the administration to withdraw the proposed HIPAA security rule update in a letter dated February 17 (Image: White House, CHIME, MGMA) A coalition…
Established in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has served as the benchmark for U.S. healthcare providers, health organizations, and entities handling health data to safeguard the privacy and security of electronic public health information (ePHI). It also stipulates penalties for non-compliance. In January 2025, the U.S.…
Data Breach Notification, Data Privacy, Data Security Ransomware Attack Reveals Critical Vulnerabilities in Healthcare Resilience and Vendor Dependency Marianne Kolbasuk McGee (HealthInfoSec) • February 21, 2025 The February 2024 ransomware attack on Change Healthcare disrupted operations for numerous healthcare providers and affected sensitive health data of 190 million individuals. (Image:…
