CAMARILLO, Calif., Dec. 2, 2025 /PRNewswire/ — Gold Coast Health Plan (GCHP) recently discovered that one of its contracted business partners suffered a cyberattack that resulted in the potential disclosure of member information to an unauthorized third party. Conduent Business Solutions, a longtime administrative services vendor for GCHP, reported that the cyberattack compromised a single employee’s email account, permitting the attacker to gain access to some files between

(The Center Square) — A coalition of New York business groups is urging Gov. Kathy Hochul to veto a "restrictive" data privacy bill they say would drive up costs for health care consumers. The New York Health Information Privacy Act calls for extending the state's existing protections for personal health information beyond the scope of federal HIPAA regulations. The legislation would make it illegal to sell an individual’s regulated health information without their consent an

ChristianaCare  has announced that a cybersecurity incident of its third-party electronic medical records vendor Oracle Health, formerly Cerner Corp., exposed patients' information and medical records. Delaware's largest health care provider did not release the number of affected patients, but letters are being mailed to patients whose information was involved in this incident. The data varied by patient, but it could include names; Social Security numbers; and patient medic

One of the county’s largest mental health service providers says the protected health information of some clients was shared without authorization. Metrocare Services  reported that nearly 8,600 clients may have been affected. The company said the issue began Sept. 9 when an employee sent an encrypted email from a work account to their personal email address, which was later shared on an unauthorized network. "We thoroughly investigated this incident and worked with the emplo

Computer services that nursing homes utilize, as well as several other private companies, were targeted in an ongoing cyberattack Nursing homes  have fallen victim to a series of cyber attacks, the National Cyber Directorate announced on Thursday. Computer services that nursing homes utilize, as well as several other private companies, were targeted in an ongoing attack, prompting a response from the National Cyber Directorate , the Health Ministry, and the Social Affairs Min

A group of 10 individuals has filed a consolidated lawsuit against Frederick Health regarding a ransomware attack in January, claiming their personal information has been misused since the incident. The latest complaint filed on Oct. 23 comes after Montgomery County Circuit Court Judge Harry Storm granted multiple plaintiffs the ability to consolidate their cases regarding the attack.

In a startling revelation that has sent waves across the healthcare and tech industries, Conduent, a leading business services provider, has confirmed a significant data breach impacting its healthcare division. This unprecedented incident has resulted in the exposure of 10.5 million records, raising questions about data security protocols and inviting serious legal scrutiny. In this blog post, we delve into the depths of the breach, its implications, and the ensuing legal co

Geisinger Health and Nuance Communications have agreed to a proposed settlement of a class action lawsuit related to a patient data breach. The breach, which occurred around Nov. 29, 2023, involved a former Nuance employee accessing the health system's records and the personal information of more than one million patients  two days after their job terminated. The Pennsylvania Court granted preliminary approval of a $5 million class action settlement on Tuesday and scheduled a

St. Anthony Hospital is investigating a breach of its email system that may have exposed the personal information of 6,679 people. The Little Village hospital learned in February that an “unauthorized actor” accessed a small number of hospital employee email accounts, according to a statement from the hospital. Though the hospital is still investigating, with the help of cybersecurity experts, it has learned that information such as names, addresses, dates of birth, Social Se

A cyber-crime network in India exploited the simplest of password mistakes — “admin123” — to gain access to around 80 CCTV dashboards nationwide. Over a span of nine months, approximately 50,000 video clips were illegally obtained from hospitals, schools, malls and private residences, and sold on messaging platforms for between ₹700 to ₹4,000 each.

EAU CLAIRE / MARSHFIELD (WQOW) -  Marshfield Clinic Health System is notifying patients whose data may have been affected in an August data breach. According to a Marshfield Clinic spokesperson, they became aware of unusual activity in employee email accounts around Aug. 27. An investigation found there was unauthorized access to the email accounts between Aug. 26 and 27. It is unclear if this breach impacted all Marshfield Clinic locations.

A cybercriminal group has claimed responsibility for one of the largest healthcare data breaches of 2025, announcing the theft of more than 1.24 million patient records from Doctor Alliance, a Dallas-based healthcare technology provider. The attackers released a 200 MB sample of the stolen data on public forums and are demanding a ransom for the deletion of the full dataset. This incident highlights the escalating threat facing the healthcare sector as cyberattacks surge nati

When hackers target healthcare systems, medical devices can be high-impact casualties. Clinical technology is complex and multifaceted, incorporating online systems with hardware devices. The technology has led to advances in care and diagnostic success, but also increased potential vulnerabilities. When a network is knocked offline, medical devices can also be affected.

On November 4, 2025, Senator Bill Cassidy (R-LA), chair of the Senate Health, Education, Labor, and Pensions (“HELP”) Committee, introduced the Health Information Privacy Reform Act (“HIPRA”). HIPRA seeks to extend protections similar to those provided under the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (collectively, “HIPAA”) to certain health information collected by entities not currently regulated by HIPAA.

PENNSYLVANIA (WHP) — The Pennsylvania Attorney General's Office has released a statement after a data breach leaked an unknown number of individual's personal information, including social security numbers and medical records. The AG's Office states that officials became aware on Aug. 9 that personal information belonging to certain individuals was potentially accessed without authorization.

Yale New Haven Health reached an $18 million settlement over a data breach that impacted over five million people earlier this year.   A Connecticut judge granted preliminary approval  last week for the settlement over the data breach that occurred in March 2025.

Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patients' data. Formerly known as Viapath, Synnovis was founded as GSTS Pathology  in 2009 . A new entity, called Synnovis, was created in  October 2022  as a partnership between international medical diagnostics provider SYNLAB, Guy's and St Thomas' NHS Foundation Trust, and King's Co

Just as the cybersecurity profession has evolved, so have the novelty and sophistication of the threats analysts fight. Years ago, threats were relatively static, so when they hit an organization, chances were the security software the security operations center (SOC) was using had a signature to handle it. As long as you weren’t patient zero—or at least under patient ten—there was a solution at your fingertips. Today, threat actors are a lot more adept at making the payload

Healthcare organizations' concerns about cyber threats were also mixed with complacency, according to a new survey from Travelers. And one analyst says too few providers are taking action to protect themselves and their patients against cyber risk.

The cybercriminals announced the attack on a popular data leak forum, which is often utilized to exchange stolen records. The attackers claim that the data was obtained recently and contains over 1.2 million records taken from Doctor Alliance, a healthcare technology firm that provides billing services to physicians.