Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Healthcare Suffers Estimated $6.2 Billion In Data Breaches
Newest First  |  Oldest First  |  Threaded View
Financial SuperStar
50%
50%
Financial SuperStar,
User Rank: Apprentice
6/20/2019 | 11:12:41 AM
Financial Advisor
At the end of the day there will always be data breaches. However, it should be noted that health care companies seem to be having a disporpotioate amount of data breaches. 
builder7
50%
50%
builder7,
User Rank: Apprentice
5/12/2016 | 2:45:58 PM
Negligence
The different entities in the healthcare industry should be charged with negligence that has led to these data breaches, as they should in many other industries, because of their intrasingence towards security in their organizatons that are charged with upholding a certain criteria regarding safeguarding the data that people give them.  It would almost be like they want the data to be lost because it later appears as data that can be bought by private business so that they don't have to abide by the HIPPA rules.  Business may not be hiring the proper people and/or the correct amount of people to protect their data because they just wink at each other in business.  No matter what the reasoning, these businesses are the ones responsible for allowing unauthorized use of their servers or workstations because they have been negligent.  It only takes on look at their yearly profits to see that they could have well afforded to hire the small amount of technicians who could protect their networks and servers.  I am tired of seeing these stories because there is no such thing as protected data anymore.  This is just another example of how business is unable to take care of things themselves but always seem to need regulations to lead them by the hand to make them abide by certain norms to accomplish their mission, which is at odds with them making horrendous amounts of profit!  It is time for this to stop!
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/12/2016 | 8:52:46 AM
Re: Healthcare breaches
...Now if they could only get the necessary budget & talent to shore up their security. 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
5/12/2016 | 8:50:05 AM
Healthcare breaches
2015 was big in particular for this activity.  At a healthcare IT conference I went to last month (one I go to almost every year), one of the speakers referred to 2015 as "the year of the healthcare breach" -- and it's something that has worried the industry (as well as government regulators) quite a bit.  Security was much more top-of-mind at this year's conference than it had been in the past.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36289
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...
CVE-2021-32606
PUBLISHED: 2021-05-11
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)
CVE-2021-3504
PUBLISHED: 2021-05-11
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to...
CVE-2021-20309
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to ...
CVE-2021-20310
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this...