A former health system executive was sentenced to two years of probation for violating HIPAA, HIPAA Journal reported Jan. 9.

After a dramatic increase in cyberattacks, New York state has announced plans to expand cybersecurity regulations.

The Biden administration is looking to strengthen healthcare cybersecurity and is planning to unveil new requirements for hospitals, themessenger.com reported Jan. 9. 

The New York attorney general has reached a settlement agreement with Refuah Health Center regarding a 2021 ransomware attack. 

A hacker group said it only stole data from Trenton, N.J.-based Capital Health — but didn't encrypt it — "so as not to interfere with patient care," databreaches.net reported Jan. 8.

SSM Health, one of Oklahoma's largest healthcare providers, said a partner vendor recently suffered a data breach.

A healthcare coalition comprising two hospitals and an orthopedic group filed a lawsuit against unidentified individuals associated with the ransomware group LockBit, BankInfoSecurity reported Jan. 4. 

North Kansas City (Mo.) Hospital disaffiliated from medical transcription provider after investigations of a July 21, 2023, data breach.

The FBI is helping Newburyport, Mass.-based Anna Jaques Hospital investigate a Dec. 24 cyberattack, The Daily News reported Jan. 3. 

Hackers threatened to "swat" patients of Seattle-based Fred Hutchinson Cancer Center if the organization didn't meet its ransom demands, databreaches.net reported.

Pittsburgh-based UPMC is investing in cybersecurity in a challenging economic environment by making the business case for it, The Wall Street Journal reported Jan. 4.

An anonymous employee from Liberty (Mo.) Hospital is alleging that the organization has been cutting employee hours due to a December cybersecurity incident, KCTV reported Jan. 3. 

Health systems experienced 46 ransomware attacks in 2023, up from 25 in 2022 and 27 in 2021, as hackers continue to bedevil the industry, cybersecurity firm Emsisoft reported.

Oklahoma City-based Integris Health faces a multimillion-dollar lawsuit over a ransomware attack in which hackers attempted to extort patients on Christmas Eve, KFOR reported.

Michigan Attorney General Dana Nessel is advocating for legislation to enact mandatory data breach reporting, ensuring increased transparency after Corewell Health experienced two data breaches in 2023, WEMU reported Jan. 2.

Liberty (Mo.) Hospital had its computer systems disrupted due to a cybersecurity incident. 

Anna Jaques Hospital in Newburyport, Mass., took its computer system and EHR offline after identifying a cyberattack Dec. 24, according to The Daily News.

Carthage (N.Y.) Area Hospital and Ogdensburg, N.Y.-based Claxton-Hepburn Medical Center are taking legal action to recover patient data stolen in a September ransomware attack, local news outlet WWNY reported Dec. 28.

In 2023, health systems in Tennessee, California and Florida reported breaches affecting more than 1 million patients. 

More than 1 million patients at Corewell Health may have had their information exposed as the health system's population health management vendor, HealthEC, experienced a data breach, Michigan Attorney General Dana Nessel said Dec. 26.