Established in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has served as the benchmark for U.S. healthcare providers, health organizations, and entities handling health data to safeguard the privacy and security of electronic public health information (ePHI). It also stipulates penalties for non-compliance. In January 2025, the U.S.…
Data Breach Notification, Data Privacy, Data Security Ransomware Attack Reveals Critical Vulnerabilities in Healthcare Resilience and Vendor Dependency Marianne Kolbasuk McGee (HealthInfoSec) • February 21, 2025 The February 2024 ransomware attack on Change Healthcare disrupted operations for numerous healthcare providers and affected sensitive health data of 190 million individuals. (Image:…
Kroll’s Cyber Risk team has unveiled its 2025 Data Breach Outlook, indicating a dramatic shift in the landscape of cybersecurity threats. The healthcare sector emerged as the most targeted industry in 2024, accounting for a concerning 23% of all reported data breaches. This statistic reveals a notable increase from previous…
Title: Data Breach at IVF Provider Genea Raises Concerns Over Patient Security In a troubling cybersecurity incident, Genea, a leading in vitro fertilization (IVF) clinic in Australia, has confirmed unauthorized access to its data, raising alarm among its patients. The breach, characterized by the company as a “cyber incident,” is…
Cybersecurity Breaches in Healthcare: A Year of Alarming Data Compromises In February 2024, Change Healthcare publicly disclosed a significant cybersecurity breach, marking it as the largest healthcare data breach reported to federal regulators. Initially, the extent of this breach was not fully recognized, but it soon became clear that the…
Black Kite, a leader in third-party cyber risk intelligence, has released its sixth annual Third Party Breach Report, offering an in-depth analysis of public data breaches and regulatory findings from the previous year. The report highlights a troubling trend in 2024: a proliferation of “silent breaches” within extensive supply chains.…
Black Kite’s Third Party Breach Report Highlights Evolving Cyber Risks in 2024 In a recent release from Black Kite, a prominent player in third-party cyber risk intelligence, the findings of their sixth annual Third Party Breach Report reveal alarming trends regarding cybersecurity breaches over the past year. The report, which…
In August 2023, Hospital Sisters Health System (HSHS), a non-profit healthcare provider based in Illinois, experienced a significant cyberattack that compromised the personal and health information of over 882,000 patients. The breach, which occurred between August 16 and August 27, disrupted the organization’s operating systems and phone communication lines, as…
Title: Major Data Breach Hits Community Health Center, Inc., Affecting Over a Million Patients In a recent cyber incident, Community Health Center, Inc. (CHC), a federally qualified health center based in Connecticut, has reported a significant data breach following a sophisticated cyberattack. On January 2, CHC detected unusual activity that…
