Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]

Lauren Rankin writes: New York had the chance to make history in more arenas than basketball this June. Earlier this month, the New York Senate passed the Maternal Health, Dignity and Consent Act, becoming the first legislative chamber in the country to pass legislation that would require informed consent for drug testing of pregnant people. But despite that...

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

The post Xsolis Data Breach Affects 1.4 Million Individuals appeared first on SecurityWeek.

James Mann and David Saunders of McDermott Will & Schulte write: Readers may recall that last year, New York attempted to enact a health privacy law that was ultimately vetoed by the governor. Now, New York is back with another attempt that, after some modification from last year’s version, stands a chance of being signed by Governor Kathy Hochul. Like...

Russell Myers reports: A hospital worker at the private clinic where the Princess of Wales had abdominal surgery is set to face a criminal prosecution following an investigation into claims that the Princess’ medical records had allegedly been accessed by staff in 2024, it is understood. A total of three trusted employees, who worked at The...

The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom.

The post iRhythm Confirms Data Stolen in Hack appeared first on SecurityWeek.

Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications. [...]

Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]

The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator.

The post Hackers Leak DentaQuest Information Impacting 2.6 Million appeared first on SecurityWeek.

A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts.  [...]

Margaret Attridge reports: The Nevada Supreme Court granted a victory to reproductive health advocates and abortion providers Thursday, blocking enforcement of a 1985 state law restricting abortion for minors. Reversing a lower court’s denial of a preliminary injunction, an en banc panel of justices ruled Nevada Senate Bill 510 — passed in 1985, never enforced and...

Naomi Diaz reports: The American Hospital Association and Illinois Health and Hospital Association are urging the 7th U.S. Circuit Court of Appeals to reverse a lower court ruling in a website-tracking lawsuit against Evanston, Ill.-based Endeavor Health, formerly known as Edward-Elmhurst Health. In a May 27 amicus brief, the hospital groups said they support Endeavor Health and...

Dark patterns force patients to share their data with big healthcare networks, even when the privacy form they’re signing explicitly says they can opt-out. By: Alex Rosenblat When Paula Stannard, one of the federal government’s top healthcare privacy officials, visited her eye doctor this year, she was asked to sign a form, acknowledging she’d received...

Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data. [...]

The affected third-party vendor has not been named, but one possible candidate is TriZetto.

The post Oncology Institute Discloses Data Breach appeared first on SecurityWeek.

Threat actors stole files containing names and protected health information from the healthcare organization’s systems.

The post 266,000 Affected by Data Breach at Radiology Associates of Richmond appeared first on SecurityWeek.

Several healthcare data breaches impacting hundreds of thousands and even millions were added to the HHS tracker.

The post Millions Impacted Across Several US Healthcare Data Breaches appeared first on SecurityWeek.

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [...]

The telehealth platform was hacked in January, and users’ personal information was exfiltrated from its systems.

The post 716,000 Impacted by OpenLoop Health Data Breach appeared first on SecurityWeek.

The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware.

The post West Pharmaceutical Services Hit by Disruptive Ransomware Attack appeared first on SecurityWeek.