Top Stories

Visualizing Health Data Breaches in 2022
For the purpose of this article, we analyzed data from all breaches reported in 2022. We found that there were a total of 730 breaches reported during the year, affecting over 50 million individuals.

Healthcare CISO Group Focuses on Third-Party Risk Challenges
A coalition of healthcare sector firms including heavyweights CVS and Walgreens on Wednesday launched an effort to put pressure on vendors to improve their cybersecurity. The Health 3rd Party Trust, or Health3PT, includes a council of nearly two dozen healthcare sector CISOs and other security risk leaders. The group is supported by healthcare standards and framework certification body HITRUST, and CORL, a healthcare third-party risk management services and solutions provider.

Breaches

Over 460K individuals impacted by MFHS ransomware attack | SC Media
More than 460,000 patients, employees, and vendors had their data compromised following a ransomware attack against Pennsylvania-based nonprofit health provider Maternal & Family Health Services, according to TechCrunch.

Senior Healthcare Firm Pays Breach Settlement to States
A nursing and assisted living care firm that delayed reporting a data breach to authorities paid a $200,000 fine to two state attorneys general and pledged to implement a security incident response plan. A settlement between Avalon Health Care Management and the states of Utah and Oregon doesn't require the company to admit guilt.

Hackers went after personally identifiable information the most, study says | SC Media
Finance, professional services, healthcare and public administration were the top four industries that recorded the most breaches during the analysis.

Security

Global Cyberattacks Increased By 38% Last Year, Healthcare Hit Hard
Global cyberattacks increased by 38 percent in 2022 compared to 2021, new data from Check Point Research revealed. Healthcare was one of the three most attacked industries in 2022 according to Check Point Research data, along with the government and education sectors.

Microsoft ends Windows 7 extended security updates on Tuesday
Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023.

Economic Uncertainty Weighs on Cyber Chiefs - WSJ
While cybersecurity is expected to be spared the brunt of the belt-tightening, owing to its critical function and enhanced profile after years of increasing cyberattacks, corporate security chiefs and technology industry researchers say cyber won’t escape entirely unscathed. Some chief information security officers are looking for ways to be more efficient.

Privacy

Privacy by Design to become an ISO standard next month | IT World Canada News
Fourteen years after being introduced by a Canadian privacy commissioner, Privacy by Design (PbD) is about to become an international privacy standard for the protection of consumer products and services. On Feb. 8, the International Organization for Standardization (ISO) will adopt PbD as ISO 31700.

Republicans and Democrats, Unite Against Big Tech Abuses - WSJ
President Biden wants to limit tech companies’ use of personal data and targeted ads. The president called on lawmakers of both parties to come together to pass legislation to hold big technology and social-media companies accountable, accusing some in the industry of exploiting users’ personal data and endangering children.