The Food and Drug Administration is urging blood suppliers - a recent target of attacks - to bolster their cybersecurity practices to prevent and mitigate cyber incidents that could affect the supply and safety of critical blood and blood components used for transfusions and other patient care.
Major grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it is continuing to probe the attack and has no timeline for service restoration.
David Anderson's career began in banking and followed a path to the rapidly changing world of cyber insurance. Anderson, vice president of cyber liability at Woodruff Sawyer, shares how he built a practice rooted in transparency, trust and client education.
The Consumer Financial Protection Bureau's open banking ruling shifts liability burdens onto banks, amplifying their responsibilities for securing data shared with third-party fintechs. John Horn at Datos Insights explains the potential for third-party breaches.
A new playbook from the Health Sector Coordinating Council aims to help manufacturers of medical products such as pharmaceuticals, devices and durable equipment plot out and improve their response to ransomware attacks and other cyber incidents.
The Justice Department unsealed an indictment against alleged hackers Connor Moucka and John Binns, accusing them of stealing data from the cloud platform Snowflake, extorting millions in bitcoin and stealing sensitive personal information from over 165 organizations and millions of individuals.
Financial services leaders and cybersecurity experts said at Information Security Media Group’s 2024 Financial Services Summit that third-party vendor security risks required the need for proactive, multi-layered security frameworks to combat the growing threat landscape.
Finnish telecommunications equipment manufacturer Nokia is investigating the alleged posting of source code data on a criminal hacking forum. A hacker going by the handle of "IntelBroker" on Thursday posted what he said is a trove of "Nokia-related source code."
CrowdStrike has countersued customer Delta Air Lines, accusing the airline of employing a lawsuit and seeking damages in "a desperate attempt to shift blame" for Delta's own IT inadequacies having exacerbated its outage, unlike "other major airlines" that quickly resumed operations.
LinkedIn is facing several proposed class action lawsuits filed in recent weeks in California alleging that the company is "intercepting" users' sensitive information related to appointments booked on medical websites through the use of web tracking tools for marketing and advertising purposes.
When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.
Despite heavy security investments, banks still struggle with basic security issues such as default passwords, vendor vulnerabilities and social engineering scams. Scott Weinberg, CEO of Neovera, shares a new report that shows banks of all sizes still grapple with these common risks.
It's crucial for healthcare sector organizations to vet their artificial intelligence tech vendors in the same robust way they scrutinize the privacy and security practices of all their other third-party suppliers, said attorney Linda Malek of the law firm Crowell & Moring.
Ransomware gang BianLian has listed Boston Children's Health Physicians - a pediatric group that practices in New York and Connecticut - on its dark web site, threatening to release stolen patient and employee data. The practice said the September incident involved an IT vendor.
UnitedHealth Group has raised its estimates to nearly $2.9 billion for the total costs this fiscal year of the cyberattack on its Change Healthcare IT services unit. UHG said it is also working to catch up with claims processing and to win back clients disenfranchised by the attack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.