The aftershocks of the Change Healthcare cyberattack are still reverberating through the healthcare sector nearly 60 days into the recovery process. But on Tuesday, members of Congress and industry experts grappled with how to avoid a future replay - minus a key witness: UnitedHealth Group.
Cybersecurity experts are sounding the alarm over a rise in supply chain attacks targeting the interconnected systems of global corporate giants after the top U.S. cyber agency urged Sisense customers to reset their credentials following an apparent hack.
A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack last year, which affected some health sector clients and nearly 638,000 individuals.
In the latest weekly update, four ISMG editors discussed the unending twists and turns in the Change Healthcare cyberattack, positive signs of economic recovery in the cybersecurity tech market, and how artificial intelligence is shaking up supply chain security.
Software as a service, much like the cloud, is a major driver in digital transformation, but it is also a leading vector for cyberattacks on digital networks. As SaaS application attacks continue to rise in scale and frequency, do businesses have ways to tackle the threats?
A Wisconsin nonprofit managed care organization is notifying nearly 534,000 individuals that their protected health information was copied and stolen in a recent attack by a "foreign ransomware gang" that also attempted - but failed - to encrypt the group's IT systems.
To prepare for compliance with the EU's Digital Operations Resilience Act (DORA), organizations must assess its impact on their supplier ecosystem and understand regulatory expectations by the 2025 deadline. This white paper offers insights into DORA's ICT-related regulations, implications for Third-Party Risk...
Organizations face a growing challenge in managing third-party risks due to the expanding number of relationships and limited resources. Traditional risk management practices are struggling to keep up, leaving organizations vulnerable to unassessed risks. A comprehensive solution incorporating advanced automation and...
This white paper will explore the process of prioritizing third parties for incident response, building and distributing an incident-response questionnaire, and reporting on an organization’s risk status after a threat has been identified and evaluated.
Organizations are overwhelmed by the many indicators of...
As organizations embrace digital transformation, software security challenges have become increasingly complex. Adriana Freitas, director of the European Foundation Anti-Phishing Working Group, offers insights on the imperative role of DevSecOps in modern cybersecurity practices.
The Change Healthcare attack - the most disruptive cyber incident to ever hit the U.S. healthcare ecosystem - spotlights the risks that come from relying on a handful of major suppliers, said leaders of the Health Information Sharing and Analysis Center.
Fresh zero-day vulnerabilities continue to be actively exploited in the wild by attackers, often for surveillance and espionage purposes, according to the latest annual review of in-the-wild exploits published by Google. In 2023, 97 new zero-days came to light, up from 62 in 2022.
The move to cloud has uncovered a range of risks that enterprises might inadvertently overlook. Transition often highlights cloud concentration risk, which encompasses vendor, availability, business continuity and regulatory risks, said Abid Adam, group chief risk and compliance officer at Axiata.
A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.