The MOVEit data breach continues to take more victims across a variety of industries, including hospitals and health systems across the U.S. as well as CMS. 

With healthcare’s shift toward digitization and customer centricity, business and operations risks are also evolving, requiring a rethinking of risk management and controls. As organizations look to transform their operations, they need to be vigilant in anticipating and managing their risks in compliance, operations, finance and technology. Amid these daunting challenges, however, lies opportunity. With the right approach, coordination and tools, providers can mitigate these risks and emerge stronger to deliver better value to their many stakeholders.

Heritage Valley Health System, based in Beaver, Pa., is facing a lawsuit for allegedly using pixel tracking technology on its website that allowed third parties to gain access to some patients' protected health information.

Lawyers for Allentown, Pa.-based Lehigh Valley Health Network filed a court motion stating that lawyers representing a data breach lawsuit filed against them improperly downloaded patient data from the dark web in an "attempt to gain a strategic advantage in the case," The Morning Call reported July 29. 

Ransomware gang Karakurt has allegedly stolen genetic DNA patient records from McAlester (Okla.) Regional Health Center and is planning to auction them off Aug. 1, Cybernews reported July 31. 

Hackers had access to Tampa (Fla.) General Hospital's IT network for three weeks, the Tampa Bay Times reported.

The average cost of a data breach reached a new global high in 2023, but it was still less than half the average healthcare data breach cost, a July 24 IBM report found.

The personal health information of 612,000 Medicare beneficiaries has been breached from CMS contractor Maximus Federal Services.

An employee email account from Sacramento, Calif.-based UC Davis Health was accessed by an unauthorized party, potentially breaching some patients' protected health information. 

Several hospitals and health systems across the U.S. are facing lawsuits regarding data breach incidents that compromised patients' protected health information.

Florida is requiring all state employees to undergo cybersecurity training through the CyberSecureFlorida Training Initiative, according to a July 27 report from FOX 13 News.

After a series of data breaches resulting from third-party MOVEit software, industry group Health 3rd Party Trust Initiative is getting together with hospitals to crack down on vendor breaches.

The MOVEit data breach continues to take more victims across a variety of industries, including hospitals and health systems across the U.S., which is causing the number of individuals whose data has been stolen to rise to 34.5 million, TechCrunch reported July 27. 

The MOVEit data breach that has affected millions of people across a variety of industries has claimed another health system victim: Dallas-based UT Southwestern Medical Center, WFAA reported July 20. 

A patient and a former employee of Louisville, Ky.-based Norton Healthcare filed a lawsuit against the health system after it experienced a cyber event that may have compromised individuals' protected health information, ABC affiliate WHAS reported July 26.  

As healthcare data breaches continue to increase, cybersecurity company Drata analyzed HHS data to determine which states were affected the most in 2022.

John Riggi, the national adviser for cybersecurity and risk for the American Hospital Association, said foreign hacking groups in countries such as Russia, China and North Korea are making the association "very concerned," NPR reported July 26. 

Chicago-based Rush Health is facing a lawsuit that alleges that the health system shared patient health information with Google and other third parties, Bloomberg Law reported July 25. 

St. Petersburg, Fla.-based Johns Hopkins All Children's Hospital was affected by the hacking of a vulnerability in software called MOVEit, which also affected Baltimore-based Johns Hopkins University and Health System, Fox affiliate WTVT reported July 24.

As of July 23, healthcare organizations covered by HIPAA have reported more than 330 breaches affecting 43 million people, Politico reported July 24.