Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…

Read More

Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…

Read More

Editor's Note Change Healthcare has started to notify health care providers about patient data stolen in the February cyberattack and announced plans to mail affected individuals as well. A unit of UnitedHealth Group, the organization issued the update June 20. “CHC is providing this notice now to help individuals understand…

Read More

Editor's Note Microsoft and Google announced they will offer free or discounted cybersecurity services to rural hospitals in the U.S. to help protect against cyberattacks, CNN reported on June 10. According to the article, Microsoft will provide free security updates, assessments, and staff training, while Google will offer free cybersecurity…

Read More

Editor's Note Doctors are urging the American Medical Association (AMA) to take legal action or otherwise help recoup their losses from the February 21 Cyberattack on Change Healthcare, a division of United HealthGroup. Forbes reported the news June 3. The article cites a a resolution before the AMA’s reference committee on amendments…

Read More

Editor's Note Change Healthcare is responsible for notifying affected parties about privacy breaches resulting from the February cyberattack on the company, The U.S. Department of Health and Human Services (HHS) announced May 31. The announcement took the form of an update to an FAQ webpage from HHS’ Office for Civil…

Read More

Editor's Note A joint letter from the American Medical Association (AMA) and more than 100 medical organizations asks Health and Human Services (HHS) Secretary Xavier Becerra to confirm that providers do not bear responsibility for legal reporting requirements for information stolen in the Change Healthcare cyberattack, including personal patient data.…

Read More

Editor's Note A $50 million initiative to develop cybersecurity tools for hospitals aims to protect providers and patients alike from ransomware, according to a May 20 report in Becker’s Health IT. The Universal PatchinG and Remediation for Autonomous DEfense, or UPGRADE, program was launched the same day by the Advanced Research…

Read More

Editor's Note Black Basta, reportedly the second most prolific ransomware group in the world, has healthcare organizations firmly in its crosshairs, according to a May 13 article in the Hippa Journal. Citing a May 10 bulletin on the group from Health Information Sharing and Analysis Center Healht-ISAC, the article notes…

Read More

Editor's Note Hospital head counts and budgets reflect a growing emphasis on cybersecurity, according to a recent Moody’s Investment Service report. As detailed in an April 25 report in Becker’s Health IT, the Moody’s report is based on data from 148 healthcare organizations, 77% of which are hospitals. Cybersecurity team…

Read More