In 2021, when Scripps Mercy Hospital of San Diego was hit with a ransomware attack, it caused ripple effects to nearby hospitals, including UC San Diego Health, which had to see an influx of patients as they got diverted to its hospital, NPR reported June 19.

The Health Sector Cybersecurity Coordination Center is raising the alarm on TimisoaraHackerTeam, a newer and relatively unknown ransomware group that targeted a U.S. cancer center in June.

St. Louis-based Ascension is facing a lawsuit for allegedly taking employees' fingerprints without their consent, Law360 reported June 16. 

Nate Couture, chief information security officer of the Burlington-based University of Vermont Health Network, said rural hospitals' compensation for cybersecurity talent is much lower than other industries, making it harder to fill roles, GovInfoSecurity reported June 14.  

Insider threats, which include healthcare employees who abuse their access rights to steal patient data to commit identity theft and financial fraud, have affected three hospitals and health systems.

MercyOne, based in West Des Moines, Iowa, is facing a lawsuit for a May data breach in which an unauthorized party accessed its network, compromising the protected health information of 20,000 patients, Iowa Capital Dispatch reported June 15. 

The Rural Hospital Cybersecurity Enhancement Act made it out of committee and will now head to the Senate floor.

Several security guards from Yakima (Wash.) Valley Memorial Hospital inappropriately used the hospital's EHR system to obtain access to medical records of 419 patients. 

Baltimore-based Johns Hopkins University and Health System are notifying patients that some of their protected health information may have been compromised due to hackers targeting a software vulnerability called MOVEit, The Baltimore Banner reported June 14. 

Medtech company Siemens Healthineers is partnering with Claroty, a company that helps healthcare providers secure cyber-physical systems, to launch a new cybersecurity platform for hospitals.

Brooklyn, N.Y.-based Maimonides Medical Center has begun notifying 33,000 patients that their data may have been compromised during a recent hack.

Trinity Health, based in Livonia, Mich., is facing a class-action lawsuit for a March data breach that compromised the protected health information of 21,000 patients. 

The most hacked password in the U.S. in 2023 so far is "password," according to a report from SafetyDetectives.

Healthcare cybersecurity vendor Cynerio is partnering with Microsoft to integrate its cloud-based cybersecurity tools into Microsoft Sentinel. 

An unauthorized individual accessed an employee email account from Sparta (Ill.) Community Hospital District that contained some protected health information. 

More than 25,000 Pittsburgh-based UPMC patients are being notified that some of their protected health information may have been compromised due to a breach that occurred at its billing and collection services provider, Pittsburgh Post-Gazette reported June 13.    

Healthcare organizations have been embracing digital transformation to provide higher levels of flexible care and work towards universal access for underserved populations. The pandemic greatly accelerated these efforts, prompting providers to expand their efforts around remote clinics, telemedicine and other key transformation initiatives. Let’s take a moment to look at three key areas and respective security capabilities critical to healthcare providers in 2023 and beyond.

Oakland, Calif.-based Kaiser Permanente is facing a proposed class-action lawsuit alleging that the health system let companies such as Google, Twitter and Microsoft intercept certain patient data, Bloomberg Law reported June 12.

At least four lawsuits have been filed in the U.S. District Court for the District of Massachusetts against Harvard Pilgrim Health Care and parent company Point32Health from the fallout of an April ransomware attack, The HIPAA Journal reported June 13.

Healthcare revenue cycle management firm Intellihartx disclosed that 489,830 patients were affected by a third-party data breach involving a file transfer software called GoAnywhere from third-party vendor Fortra.