Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Ransomware attack on UMMC causes 20% drop in revenue due to delayed patient care
The report on the financials comes from Mississippi Today. University of Mississippi Medical Center said it’s still processing paper backups and has extended clinic hours to address the backlog of elective surgeries and bring revenue back up to expectations. The attack happened in February and caused non-emergency operations at the health system to shut down for nine days.
Novartis sued for allegedly leaking data on breast cancer patient to Google, Contentsquare
In a lawsuit seeking class action status, a woman identified as “P.M.” said she began using the website for Kisqali, a Novartis breast cancer treatment, in late 2024 shortly after being issued a prescription. Unbeknownst to her, sensitive data she shared when seeking a discount may have been shared with advertisers.
CMS leaves the ’80s behind with shift away from snail mail correspondence, fax machines
In a Final Rule revealed last week, the Centers for Medicare & Medicaid Services outlined its plan to exchange medical records, diagnostic images and clinical notes electronically using secure protocols. Once the rule is published in the Federal Register, any HIPAA-covered entity that interacts with Medicare will have two years to follow CMS into the modern age.
New York man pleads guilty to cyberstalking family of murdered UnitedHealthcare CEO
Authorities said Shane Daley, 40, began making threatening calls mere hours after Brian Thompson was shot and killed outside a hotel in Manhattan. Daley awaits sentencing and faces up to five years in prison.
Data allegedly from UMMC priced at $800K, posted on dark web
Medusa, an infamous ransomware cybercriminal organization, has claimed credit for the February data breach at University of Mississippi Medical Center. In a post on its leak site, the gang is asking for $800,000 for the sale or deletion of the information it said it stole. An ominous ticking clock sets the deadline for March 20.

TriZetto confirms year-long hack of its network exposed records on 3.4M people

The company confirmed the number of victims in filings with the federal government and the state of Maine. The data breach was discovered in October 2025, but it began in November 2024. Hackers were siphoning protected health information for roughly a year.

Nonprofit health system, Nuance Communications agree to $5M settlement after data theft

A fired employee of Nuance, a Microsoft subsidiary, is responsible for stealing records on 1.3 million patients from Geisinger Health in Pennsylvania. He has pleaded guilty as part of a deal with prosecutors.

Cyberattack on healthcare RCM vendor may have impacted 140K patients

The details stem from a report from SecurityWeek, but they’re a little fuzzy. After a 12 GB data trove was posted to the dark web, Vikor Scientific reported to HHS that there were nearly 140,000 victims. However, the source of the breach may be a third-party revenue cycle company, Catalyst RCM.

UMMC reopens clinics shut down by ransomware attack as recovery progresses

On Monday, the University of Mississippi Medical Center said its phone systems were once again operational, allowing it to reach out to patients to reschedule missed appointments. Its clinics were shut down statewide to prioritize emergency care, as its hospitals were operating on paper backups.

AHA: ‘Zero trust’ cybersecurity posture necessary to protect hospital data

The National Security Agency released a two-phase plan for all entities within the U.S. Department of War to follow for no-trust cyber defenses. The American Hospital Association said the protocols could be adopted by hospitals.

Screenshot from Joshua Cauldwell-Clarke's instragram.

Data breach notice reveals Michigan hospital staff violated privacy of UK influencer

The facility in question was not revealed in a video posted on Instagram, where social media star Joshua Cauldwell-Clarke read the letter aloud and asked healthcare workers to please respect the rights of patients.

Public hospital in Georgia says it was hacked last year—intruders were inside its network for days

Emanuel Medical Center, a nonprofit healthcare facility run by the county, confirmed last week that it suffered a data breach in May 2025. It said protected health information was accessed in the cyberattack, and it’s begun sending notices to victims.

cybersecurity hacker ransomware cyber data breach

Days after ransomware attack, UMMC clinics remain closed as emergency rooms rely on paper backups

University of Mississippi Medical Center revealed on Thursday that it was the victim of an ongoing cyberattack, leading to disruptions throughout the health system. It's now been forced to close all clinics statewide until at least Feb. 25, as phone systems and the EHR remain inaccessible.

Cybersecurity

Ransomware attack on UMMC causes 20% drop in revenue due to delayed patient care

Novartis sued for allegedly leaking data on breast cancer patient to Google, Contentsquare

CMS leaves the ’80s behind with shift away from snail mail correspondence, fax machines

New York man pleads guilty to cyberstalking family of murdered UnitedHealthcare CEO

Data allegedly from UMMC priced at $800K, posted on dark web