A report from cybersecurity vendor Critical Insight found that 40 million patients' medical information has been involved in data breaches so far this year; at this rate, 2023 will break the record for most individuals affected in breaches.

cybersecurity has become a top-of-mind issue for the healthcare C-suite. Distributed care delivery models — which bring care to patients virtually or physically, outside of traditional care facilities — are complicating the cyber landscape. While this care model can greatly improve patients’ access to care, it also creates a larger attack surface for cybercriminals to target and increases an organization’s cybersecurity risks.

Ocean Springs, Miss.-based Singing River Health System has taken some of its internal systems offline as it deals with a cyberattack. 

The monthly average of class-action lawsuits filed over health data breaches has nearly doubled since 2022, Bloomberg Law reported Aug. 22. 

Springfield, Pa.-based Crozer Health said its computer systems that handle patient records, which were forced offline due to an Aug. 3 ransomware attack, should be back online and fully operational starting Aug. 22, The Philadelphia Inquirer reported. 

Louisville, Ky.-based UofL Health confirmed that it has been affected by the data breach on popular file transfer tool MOVEit, which has affected millions of people across a variety of industries. 

Culver City, Calif.-based Prospect Medical Holdings said it has made progress in restoring critical systems that were taken offline due to a ransomware attack that started Aug. 3, ABC News reported Aug. 18. 

Pittsburgh-based UPMC has been working with law enforcement agencies and regulators to respond to third-party data breaches, Pittsburgh Post-Gazette reported Aug. 21.

Point32Health, the parent of Harvard Pilgrim Health Care, reported a $102.7 million operating loss for the first half of the year, which its chief financial officer largely attributed to an April ransomware incident that took place on its computer systems, The Boston Globe reported Aug. 18.  

Morris (Ill.) Hospital & Healthcare Centers disclosed a data breach that affected 248,943 patients, according to a filing with the Maine Attorney General.

From 2017 to July 2023, data breaches have cost healthcare organizations more than $39 billion, according to a new report from Comparitech. 

Jefferson Health's maintenance vendor informed the health system that a portable backup drive was missing from its DEXA scan device at its Jefferson Cherry Hill (N.J.) Hospital.

HHS rolled out a new project Aug. 17 to protect hospitals from the growing cybersecurity threat.

Baltimore-based Johns Hopkins University and Health System are facing up to seven lawsuits that allege that the organizations failed to protect patient information from Russian cyber group Clop, The Baltimore Banner reported Aug. 16. 

Parkersburg, W.Va.-based WVU Medicine Camden Clark Medical Center is the latest health system caught up in a massive, worldwide data breach.

Hospitals in multiple states continue to be disrupted by a ransomware attack on their parent company, Culver City, Calif.-based Prospect Medical Holdings, nearly two weeks earlier.

Bethlehem, Pa.-based St. Luke's University Health Network has achieved 73 percent in cost savings after replacing its legacy data security vendor with Rubrik.

Vecino Health Centers, based in Houston, was affected by the MOVEit cyberattack and is notifying patients affected by the breach.

Anahi Santiago, chief information security officer at Newark, Del.-based ChristianaCare, received the Routhy Award, recognizing her success within cybersecurity.

An unauthorized party has copied files from Tifton, Ga.-based Tift Regional Health System, breaching some patients' Social Security numbers.