A virtual pharmacy and mail-order prescription drug firm is notifying about 2.36 million patients of a hacking incident that compromised their sensitive information. In the past week, attorneys have filed at least six proposed federal class action lawsuits related to the breach.
McLaren Health Care is notifying nearly 2.2 million people of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in a recent attack. In the meantime, the number of lawsuits filed against McLaren related to the incident continues to climb.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," former Uber CSO Joe Sullivan discusses the Uber trial and offers guidance to future CISOs. Was the Uber case a data breach or not. Sullivan explained why that making that distinction can be complicated.
Federal agencies and Defense Industrial Base organizations need to protect data. They can use the CMMC program, the DOD Zero Trust Strategy, the cybersecurity Risk Management Framework and NIST SP 800-53 with built-in security solutions to mitigate data loss and insider risk.
Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
Members of Congress don't agree on much these days. But a new bipartisan working group launched in the Senate on Thursday hopes to rally congressional support for potential legislation focused on improving the state of cybersecurity in the healthcare sector.
Texas-based mental healthcare provider Deer Oaks Behavioral Health is notifying nearly 172,000 patients that their information was potentially compromised in a ransomware incident, even though the attack was apparently quickly detected and contained.
The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises security leaders to "take heed and remember that the actions of today can determine your fate tomorrow."
A Georgia-based firm that provides administrative services for health plans is among the latest firms reporting a major health data hack involving their use of Progress Software's MOVEit file transfer software. NASCO joined a growing list of health sector vendors hit by MOVEit hacks.
Welcome to "Cyber Fail." In this ISMG program, our experts uncover fails so we can strengthen our defenses. In this episode, we take on deepfakes, hallucinating chatbots, the fate of humanity and why you should never put your trust in a ransomware gang.
An unsecured database of an India-based medical laboratory recently exposed more than 12 million test results, other patient records and development files for the company's mobile health app, according to the security researcher who found the vulnerability. Redcliffe Labs has fixed the problem.
Cisco issued an urgent warning Monday about a critical vulnerability in one of its modular operating system's web interfaces that is designed for routers, switches and other appliances. Hackers exploited the IOS XE software UI to gain admin rights that give them full control of compromised devices.
IBM says the personal information of 631,000 people was compromised by a "technical method" that allowed unauthorized access to a third-party database used by a Johnson & Johnson patient medication support platform. IBM said the problem has been fixed, but two lawsuits have already been filed.
The number of people affected by a Tennessee cardiac care clinic hack has more than doubled to 411,000 since the healthcare group first reported the incident to regulators in July. Cybercriminal group Karakurt claimed responsibility for the attack, which has so far triggered five class action suits.
Regulators and prosecutors are signaling an increased interest in charging individuals such as CISOs with violating cybersecurity and privacy rules. Attorney Jonathan Armstrong of Cordery said the imperative for CISOs responding to security incidents is clear: Never go it alone.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.