Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Healthcare Suffers Estimated $6.2 Billion In Data Breaches
Newest First  |  Oldest First  |  Threaded View
Financial SuperStar
50%
50%
Financial SuperStar,
User Rank: Apprentice
6/20/2019 | 11:12:41 AM
Financial Advisor
At the end of the day there will always be data breaches. However, it should be noted that health care companies seem to be having a disporpotioate amount of data breaches. 
builder7
50%
50%
builder7,
User Rank: Apprentice
5/12/2016 | 2:45:58 PM
Negligence
The different entities in the healthcare industry should be charged with negligence that has led to these data breaches, as they should in many other industries, because of their intrasingence towards security in their organizatons that are charged with upholding a certain criteria regarding safeguarding the data that people give them.  It would almost be like they want the data to be lost because it later appears as data that can be bought by private business so that they don't have to abide by the HIPPA rules.  Business may not be hiring the proper people and/or the correct amount of people to protect their data because they just wink at each other in business.  No matter what the reasoning, these businesses are the ones responsible for allowing unauthorized use of their servers or workstations because they have been negligent.  It only takes on look at their yearly profits to see that they could have well afforded to hire the small amount of technicians who could protect their networks and servers.  I am tired of seeing these stories because there is no such thing as protected data anymore.  This is just another example of how business is unable to take care of things themselves but always seem to need regulations to lead them by the hand to make them abide by certain norms to accomplish their mission, which is at odds with them making horrendous amounts of profit!  It is time for this to stop!
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/12/2016 | 8:52:46 AM
Re: Healthcare breaches
...Now if they could only get the necessary budget & talent to shore up their security. 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
5/12/2016 | 8:50:05 AM
Healthcare breaches
2015 was big in particular for this activity.  At a healthcare IT conference I went to last month (one I go to almost every year), one of the speakers referred to 2015 as "the year of the healthcare breach" -- and it's something that has worried the industry (as well as government regulators) quite a bit.  Security was much more top-of-mind at this year's conference than it had been in the past.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24119
PUBLISHED: 2021-05-14
A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect.
CVE-2020-27833
PUBLISHED: 2021-05-14
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to the command `oc image extract`. If a symbolic link is first c...
CVE-2021-22866
PUBLISHED: 2021-05-14
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App o...
CVE-2021-27737
PUBLISHED: 2021-05-14
Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.
CVE-2021-32054
PUBLISHED: 2021-05-14
Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser.