Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Lawsuit filed against nonprofit hospital after Cerner hack exposes thousands
Aultman Health System notified its patients of the data breach in December 2025. However, the breach occurred some 11 months earlier. The organization said the delay was due to an ongoing investigation. The lawsuit against Aultman is seeking class action status.
California health system sued over 2024 breach on health IT vendor TriZetto
The cyberattack was not discovered until October 2025, and a headcount of the victims is still being conducted. In the meantime, a patient of Sacramento-based One Community Health argues in a lawsuit that the nonprofit health system failed to secure his data, as required by law. The complaint is seeking class action status.
Maine health system confirms data breach impacted 145K as civil litigation moves forward
The cyberattack on Central Maine Healthcare happened in summer 2025, but the investigation was complicated by the hackers having access to systems for several months. A class action lawsuit is pending in state court.
New York-based radiology group hit by data breach
During the breach, certain files within the group's network were accessed and copied without permission.
New York invests over $309M in statewide health projects, including $33M for Epic integration
In total, 22 facilities will benefit from the money, provided by the Statewide Health Care Facility Transformation Program. Projects include cybersecurity upgrades and telehealth implementation, in addition to EHR upgrades.

Dental marketing firm Gargle likely source of 8M leaked patient records

Researchers at Cybernews said they discovered a database online containing patient names, contact information and appointment records from millions of patients who received dental care. No one has claimed the database. However, clues point to it belonging to Gargle, an industry marketing group.

healthcare insurance fraud scam scheme legal lawsuit

Fraud prevention expert charged with over 167 suspected incidents of healthcare fraud

Faranak Firozan, 47, is a cybersecurity expert at Nvidia who regularly spoke on the topic of “cyber laundering.” Prosecutors in California allege she submitted fraudulent medical claims to an employer-sponsored insurance plan, bilking Cigna out of $100,000.

GE HealthCare recalls legacy cardiology information systems due to security risk

GE HealthCare has warned that the devices could potentially be accessed and manipulated by an outside party. The FDA has classified this as a Class II recall.

Interlock claims responsibility for Kettering cyberattack, stolen data listed for sale

In a post on the dark web, well-known hacker group Interlock is offering a 941 GB trove for sale, said to contain patient financial records, driver's licenses, clinical summaries and more from Ohio-based Kettering Health.

AMA brainstorms on key topics impacting healthcare

"With significantly strengthened penalties, standardized reporting requirements and unprecedented enforcement commitments, the regulatory landscape has dramatically shifted," the AMA wrote.

Research brief: Cybersecurity threats inherent to AI-aided remote patient monitoring

Leveraging the upsides of RPM with AI demands human attention to numerous challenges. Primary among these are privacy and cybersecurity risks, researchers report.

Ransom demanded, emergency care diverted as Kettering Health reels from cyberattack

The Ohio-based nonprofit health system did not confirm patient data was exposed and taken by hackers. However, a media report confirmed it has received a ransom notice credited to the Interlock cybercrime cell.

Cyberattack on nonprofit health system triggers scam calls to patients

Kettering Health in Ohio confirmed it is experiencing a data breach impacting care delivery. However, it stopped short of saying the calls are related, as an investigation is ongoing.

Cybersecurity

Lawsuit filed against nonprofit hospital after Cerner hack exposes thousands

California health system sued over 2024 breach on health IT vendor TriZetto

Maine health system confirms data breach impacted 145K as civil litigation moves forward

New York-based radiology group hit by data breach

New York invests over $309M in statewide health projects, including $33M for Epic integration