All Posts

The Need for Change in Cybersecurity After more than 20 years in cybersecurity, I’ve learned to be skeptical. I’ve seen countless vendors promise to “revolutionize security,” only to deliver another dashboard we barely have time to check. I’m not easily impressed by the latest buzzwords, and I’ll admit I’m not the type who looks forward to sales demos. But even for a skeptic like me, it’s becoming clear that cybersecurity teams need to fundamentally rethink how we work. This

The American Hospital Association (AHA) is calling on the Food and Drug Administration (FDA) to develop evaluation standards and measurements to assess the impacts of medical tools that use artificial intelligence.  On Monday, AHA Senior Vice President for Public Policy Analysis and Development Ashley Thompson  responded to a request  from the FDA for an evaluation of AI-enabled medical devices. In the recommendation letter, she said the AHA supports AI policy frameworks that

CAMARILLO, Calif., Dec. 2, 2025 /PRNewswire/ — Gold Coast Health Plan (GCHP) recently discovered that one of its contracted business partners suffered a cyberattack that resulted in the potential disclosure of member information to an unauthorized third party. Conduent Business Solutions, a longtime administrative services vendor for GCHP, reported that the cyberattack compromised a single employee’s email account, permitting the attacker to gain access to some files between

(The Center Square) — A coalition of New York business groups is urging Gov. Kathy Hochul to veto a "restrictive" data privacy bill they say would drive up costs for health care consumers. The New York Health Information Privacy Act calls for extending the state's existing protections for personal health information beyond the scope of federal HIPAA regulations. The legislation would make it illegal to sell an individual’s regulated health information without their consent an

In today’s digital age, healthcare organizations face increasing challenges in protecting sensitive patient information. The rise of cyber threats, regulatory requirements, and the complexity of healthcare systems make data risk management a critical priority. Effective strategies can help healthcare providers safeguard data, maintain patient trust, and comply with legal standards. Understanding Data Risk Management in Healthcare Data risk management in healthcare involves id

South Korean President Lee Jae Myung on Tuesday demanded swift and severe penalties for those responsible for a massive data breach at e-commerce giant Coupang that exposed personal information belonging to more than 33 million customers. Lee called it “astonishing” that the company failed to detect the intrusion for five months and said the “scale of the damage is massive.”

In Re: Yale New Haven Health Services Corp. Data Breach Litigation    Filed: October 21, 2025 ◆ § 3:25-cv-00609-SRU    • Read Complaint   An $18M Yale New Haven Health settlement offers cash and medical data monitoring to those who may have been impacted by a massive data breach.

A customer service associate deployed at the National University Hospital (NUH) has been fined for repeatedly accessing confidential patient information without authorisation. Norkamelia Osman, 34, pleaded guilty to one charge under the Computer Misuse Act, with another similar offence taken into consideration during sentencing on Monday, December 1. According to court proceedings, Norkamelia began working as a customer service associate at Ng Teng Fong General Hospital in Ju

SEOUL, Dec 2 (Reuters) - South Korean President Lee Jae Myung on Tuesday called for increased penalties for corporate negligence in data breaches, saying a massive leak at e-commerce giant Coupang (CPNG.N) , opens new tab  had served as a wake-up call. The breach - resulting in personal data for some 33 million Coupang customers being leaked - was South Korea's worst in more than a decade. Coupang, which saw its New York-listed stock tumble 5% overnight, is now grappling with

CONNECTICUT — A proposed $18 million settlement tied to a Yale New Haven Health Services Corporation data breach affecting about 5.6 million people received preliminary court on Oct. 21. The breach, discovered in March, exposed private information including names, addresses, dates of birth, phone numbers, email addresses, race or ethnicity, Social Security numbers, patient types and medical record numbers, according to the settlement website. Those eligible to participate inc

I n today’s healthcare environment, protecting sensitive patient information is more critical than ever. With the rise of digital records and interconnected systems, healthcare providers face increasing risks from cyber threats and data breaches. Ensuring robust patient data protection is essential not only for compliance with regulations but also for maintaining patient trust and delivering quality care. The Importance of Protecting Patient Data in Healthcare Healthcare orga

ChristianaCare  has announced that a cybersecurity incident of its third-party electronic medical records vendor Oracle Health, formerly Cerner Corp., exposed patients' information and medical records. Delaware's largest health care provider did not release the number of affected patients, but letters are being mailed to patients whose information was involved in this incident. The data varied by patient, but it could include names; Social Security numbers; and patient medic

One of the county’s largest mental health service providers says the protected health information of some clients was shared without authorization. Metrocare Services  reported that nearly 8,600 clients may have been affected. The company said the issue began Sept. 9 when an employee sent an encrypted email from a work account to their personal email address, which was later shared on an unauthorized network. "We thoroughly investigated this incident and worked with the emplo

F our years after the cyberattack that crippled Hillel Yaffe Hospital, the vulnerabilities of Israel’s healthcare system remain glaring. Since the outbreak of the war in October 2023, Israel’s digital domain has turned into a front line: by year’s end, authorities recorded 3,380 cyberattacks, a 150% surge compared to previous years.   More than 800 of them carried “significant damage potential,” according to ynet. Microsoft’s 2025 Digital Defense Report places Israel as the w

Computer services that nursing homes utilize, as well as several other private companies, were targeted in an ongoing cyberattack Nursing homes  have fallen victim to a series of cyber attacks, the National Cyber Directorate announced on Thursday. Computer services that nursing homes utilize, as well as several other private companies, were targeted in an ongoing attack, prompting a response from the National Cyber Directorate , the Health Ministry, and the Social Affairs Min

A group of 10 individuals has filed a consolidated lawsuit against Frederick Health regarding a ransomware attack in January, claiming their personal information has been misused since the incident. The latest complaint filed on Oct. 23 comes after Montgomery County Circuit Court Judge Harry Storm granted multiple plaintiffs the ability to consolidate their cases regarding the attack.

The personal information of current and former hospice patients may have been exposed in a cyberattack targeting VITAS Healthcare, one of the largest hospice companies in the United States. VITAS discovered on Oct. 24 that an unauthorized party had gained access to certain network systems through a compromised vendor account, according to a company statement  about the data breach.

An Ontario hospital's privacy breach involving an AI transcription tool reveals how organizational oversights can undermine even the strongest data protection intentions. According to an investigation into the incident, the breach resulted from "two critical security gaps." First, a former physician used his personal email address in a meeting group, contrary to hospital policy. Second, the meeting organizer did not remove the physician from the meeting invite following his d

In a startling revelation that has sent waves across the healthcare and tech industries, Conduent, a leading business services provider, has confirmed a significant data breach impacting its healthcare division. This unprecedented incident has resulted in the exposure of 10.5 million records, raising questions about data security protocols and inviting serious legal scrutiny. In this blog post, we delve into the depths of the breach, its implications, and the ensuing legal co

Geisinger Health and Nuance Communications have agreed to a proposed settlement of a class action lawsuit related to a patient data breach. The breach, which occurred around Nov. 29, 2023, involved a former Nuance employee accessing the health system's records and the personal information of more than one million patients  two days after their job terminated. The Pennsylvania Court granted preliminary approval of a $5 million class action settlement on Tuesday and scheduled a