Resources

Nearly 32 million patient records were breached in the first half of 2019, according to new data released this week in the Protenus Breach Barometer, an analysis of how data breaches are affecting the healthcare industry.

Banking institution Capital One has just revealed that it’s suffered a data breach that exposed the names, addresses, phone numbers, emails, dates of birth, and self-reported incomes of approximately 100 million Americans, and 6 million in Canada, due to a “configuration vulnerability” in the servers of an unnamed cloud computing company hosting the bank’s data.

Another clinical lab ensnared in the AMCA data breach has come forward. Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information, and treatment provider information stolen in the previously reported breach.

While many in the healthcare industry have seen the benefits of outsourcing tasks to third-party vendors, a new study cautions that those benefits could come with significant risks.

While data breaches cost providers $2.9 million in recovery, new data from Ponemon Institute and Censinet shows managing vendor risk is far most costly at $3.8 million per provider annually.

Along with ransomware’s resurgence in financial impact and the rise of cryptojacking, attacks via third parties also became more prevalent in 2018, OTA found. The most notable such attack was Magecart, which infected the payment forms on more than 6,400 e-commerce sites worldwide.

Oregon Senate Bill 684 extends breach notification obligations to “vendors,” defined as entities who contract with a covered entity to “maintain, store, manage, process or otherwise access personal information.”

This third-party data breach exposed 85.4 GB of security logs from Pyramid Hotel Group.

A day after Quest Diagnostics announced 12 million patients were affected by a data breach, another medical testing company says its patients’ data was also compromised.