All Posts

On May 22, 2025, Emanuel Medical Center detected suspicious activity on its computer systems. The investigation revealed that an unauthorized third party accessed a portion of the hospital’s systems between May 21 and May 24, 2025. Sensitive files containing personal and health information were present in the affected systems. After discovering the breach, Emanuel Medical Center secured its systems, engaged cybersecurity experts, and notified law enforcement. A data-review fi

Managed Care Advisors and Sedgwick Government Solutions recently announced a cybersecurity incident involving unauthorized access to a corporate Secure File Transfer Protocol (SFTP) server that contained personal and protected health information. Files on the server were encrypted with ransomware. Sedgwick Government Solutions, which acquired Managed Care Advisors in 2021, is a Bethesda, MD-based federal government contractor that provides workers’ compensation and managed ca

Academic Urology & Urogynecology of Arizona, a division of Palo Verde Hematology and Oncology that serves patients throughout Arizona, has announced a significant data breach, potentially affecting 73,281 current and former patients. Unauthorized access to its computer network was detected on or around May 22, 2025. Steps were taken to secure its network to prevent further unauthorized access, and third-party cybersecurity experts were engaged to conduct a forensic investigat

Healthcare data breaches discovered in calendar year 2025 that affected fewer than 500 individuals must be reported to the HHS’ Office for Civil Rights by March 1, 2026. The HIPAA Breach Notification Rule requires data breaches affecting 500 or more individuals to be reported to OCR within 60 days of the discovery of a data breach. Individuals must also be notified within 60 days, and a notice must be submitted to prominent media outlets where the affected individuals are lo

February 17, 2026 - Pharmaceutical manufacturers participating in the Medicaid Drug Rebate Program (MDRP) must report pricing and product information to the U.S. government, paying separate rebates to state Medicaid program for each "strength" and "dosage form" of single source and innovator multiple source products. However, neither "strength" nor "dosage form" is defined in the MDRP statute, regulations, or Centers for Medicare & Medicaid Services (CMS) guidance, leaving a

While the health system stated it has no evidence that the information has been used for identity theft or fraud, it is offering resources to help individuals protect their data. News Center 7 previously reported  that the organization became aware of suspicious activity within its network systems on or about May 20, 2025. The health network said that unauthorized access occurred between April 9, 2025, and May 20, 2025.

A Morris County company that provides administrative services for businesses and government agencies has agreed to cooperate with investigators seeking information about a massive data breach that exposed millions of individuals’ sensitive personal and medical information. Conduent Business Services, based in Florham Park, first discovered that its network had been compromised in January 2025, according to a notice  on the company’s website.

The Need for Change in Cybersecurity After more than 20 years in cybersecurity, I’ve learned to be skeptical. I’ve seen countless vendors promise to “revolutionize security,” only to deliver another dashboard we barely have time to check. I’m not easily impressed by the latest buzzwords, and I’ll admit I’m not the type who looks forward to sales demos. But even for a skeptic like me, it’s becoming clear that cybersecurity teams need to fundamentally rethink how we work. This

The American Hospital Association (AHA) is calling on the Food and Drug Administration (FDA) to develop evaluation standards and measurements to assess the impacts of medical tools that use artificial intelligence.  On Monday, AHA Senior Vice President for Public Policy Analysis and Development Ashley Thompson  responded to a request  from the FDA for an evaluation of AI-enabled medical devices. In the recommendation letter, she said the AHA supports AI policy frameworks that

CAMARILLO, Calif., Dec. 2, 2025 /PRNewswire/ — Gold Coast Health Plan (GCHP) recently discovered that one of its contracted business partners suffered a cyberattack that resulted in the potential disclosure of member information to an unauthorized third party. Conduent Business Solutions, a longtime administrative services vendor for GCHP, reported that the cyberattack compromised a single employee’s email account, permitting the attacker to gain access to some files between

(The Center Square) — A coalition of New York business groups is urging Gov. Kathy Hochul to veto a "restrictive" data privacy bill they say would drive up costs for health care consumers. The New York Health Information Privacy Act calls for extending the state's existing protections for personal health information beyond the scope of federal HIPAA regulations. The legislation would make it illegal to sell an individual’s regulated health information without their consent an

In today’s digital age, healthcare organizations face increasing challenges in protecting sensitive patient information. The rise of cyber threats, regulatory requirements, and the complexity of healthcare systems make data risk management a critical priority. Effective strategies can help healthcare providers safeguard data, maintain patient trust, and comply with legal standards. Understanding Data Risk Management in Healthcare Data risk management in healthcare involves id

South Korean President Lee Jae Myung on Tuesday demanded swift and severe penalties for those responsible for a massive data breach at e-commerce giant Coupang that exposed personal information belonging to more than 33 million customers. Lee called it “astonishing” that the company failed to detect the intrusion for five months and said the “scale of the damage is massive.”

In Re: Yale New Haven Health Services Corp. Data Breach Litigation    Filed: October 21, 2025 ◆ § 3:25-cv-00609-SRU    • Read Complaint   An $18M Yale New Haven Health settlement offers cash and medical data monitoring to those who may have been impacted by a massive data breach.

A customer service associate deployed at the National University Hospital (NUH) has been fined for repeatedly accessing confidential patient information without authorisation. Norkamelia Osman, 34, pleaded guilty to one charge under the Computer Misuse Act, with another similar offence taken into consideration during sentencing on Monday, December 1. According to court proceedings, Norkamelia began working as a customer service associate at Ng Teng Fong General Hospital in Ju

SEOUL, Dec 2 (Reuters) - South Korean President Lee Jae Myung on Tuesday called for increased penalties for corporate negligence in data breaches, saying a massive leak at e-commerce giant Coupang (CPNG.N) , opens new tab  had served as a wake-up call. The breach - resulting in personal data for some 33 million Coupang customers being leaked - was South Korea's worst in more than a decade. Coupang, which saw its New York-listed stock tumble 5% overnight, is now grappling with

CONNECTICUT — A proposed $18 million settlement tied to a Yale New Haven Health Services Corporation data breach affecting about 5.6 million people received preliminary court on Oct. 21. The breach, discovered in March, exposed private information including names, addresses, dates of birth, phone numbers, email addresses, race or ethnicity, Social Security numbers, patient types and medical record numbers, according to the settlement website. Those eligible to participate inc

I n today’s healthcare environment, protecting sensitive patient information is more critical than ever. With the rise of digital records and interconnected systems, healthcare providers face increasing risks from cyber threats and data breaches. Ensuring robust patient data protection is essential not only for compliance with regulations but also for maintaining patient trust and delivering quality care. The Importance of Protecting Patient Data in Healthcare Healthcare orga

ChristianaCare  has announced that a cybersecurity incident of its third-party electronic medical records vendor Oracle Health, formerly Cerner Corp., exposed patients' information and medical records. Delaware's largest health care provider did not release the number of affected patients, but letters are being mailed to patients whose information was involved in this incident. The data varied by patient, but it could include names; Social Security numbers; and patient medic

One of the county’s largest mental health service providers says the protected health information of some clients was shared without authorization. Metrocare Services  reported that nearly 8,600 clients may have been affected. The company said the issue began Sept. 9 when an employee sent an encrypted email from a work account to their personal email address, which was later shared on an unauthorized network. "We thoroughly investigated this incident and worked with the emplo