A cyberattack is disrupting clinical operations at St. Louis-based Ascension.

Hospital associations are urging UnitedHealthcare's CEO to provide a breach notification on behalf of the hospitals and health systems affected by the Feb. 21 attack on its subsidiary Change Healthcare. 

In a letter to patients, Poway, Calif.-based Palomar Health Medical Group said it is investigating "suspicious activity on certain computer systems within its network," NBC San Diego reported May 7. 

The U.S. government has charged the alleged mastermind of a hacking group that extorted hospitals.

Hospitals should be on the lookout for "vishing," a new form of cybercrime that uses artificial intelligence, a health system CIO said.

Many organizations believe they are prepared for an emergency until crisis arrives.

Hackers accessed employee email accounts at Columbia, Md.-based MedStar Health, compromising the data of 183,079 patients, the health system said in a May 3 notice on its website. 

American Hospital Association President and CEO Rick Pollack said the recent hearings about the Change Healthcare hack have shed light on the extensive reach and influence of UnitedHealth Group, the parent company of Change. 

Hospitals are often reluctant to share information about cyberattacks, even with one another, because of liability concerns, a health system CIO told Congress.

Three senators wrote a letter asking the U.S. Cybersecurity and Infrastructure Security Agency about its role in addressing the Feb. 21 breach on UnitedHealthcare's subsidiary Change Healthcare, Bloomberg reported April 30. 

Hospitals continue to experience "financial and operational impacts" from the Change Healthcare hack more than two months after the cyberattack on the UnitedHealth Group subsidiary, the American Hospital Association said.

The ransomware group responsible for the Feb. 21 cyberattack on UnitedHealthcare subsidiary Change Healthcare used stolen credentials to remotely access the company's systems, according to testimony from UnitedHealth CEO Andrew Witty. 

A hacker gained the login credentials of 23 employees of a Los Angeles-based health system during a recent phishing attack.

The Federal Trade Commission made changes to the Health Breach Notification Rule as it aims to better address the evolving landscape of health technology. 

The Medical Group Management Association is seeking clarity from the HHS' Office for Civil Rights regarding who carries the burden of providing HIPAA-required breach notifications to both the federal government and affected patients following the Change Healthcare cyberattack.   

Oakland, Calif.-based Kaiser Foundation Health Plan is notifying current and former patients that it shared information with third-party advertisers. 

Healthcare cybersecurity budgets and teams have grown significantly since 2019 as threats become more pronounced, according to an April 2024 report from Moody's Investors Service.

UnitedHealth Group's Change Healthcare said it will take several more months to identify the personal data that was compromised from its Feb. 21 cyberattack, The Wall Street Journal reported Feb. 25. 

Dallas-based Tenet Healthcare has to face a class-action lawsuit claiming its patient portal shared data with Facebook and other third-party companies, Bloomberg Law reported.

Cleveland Clinic's CEO said that cyberattacks pose a significant threat to health systems due to insufficient security measures across various departments and a shortage of IT personnel in hospitals, Ideastream Public Media reported April 23.