HHS warns of healthcare cyberattack risk tied to Log4j vulnerability

The HHS Cybersecurity Program has issued a letter warning of a software vulnerability that puts healthcare providers across the country at risk of a cyberattack.

The letter, sent Dec. 10, warns of a vulnerability in Log4j, a highly utilized piece of open-source code. HHS said hackers' exploitation of the vulnerability can lead to data exfiltration and ransomware.

The Cybersecurity and Infrastructure Security Agency, the operational lead for federal cybersecurity, created a webpage and GitHub repository to provide up-to-date information and advisories on the vulnerability. 

HHS and CISA recommend healthcare organizations upgrade to Log4j version 12.15.0, a version released Dec. 10, to address the vulnerability. 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars