In February, a significant ransomware attack targeted a UnitedHealth Group subsidiary, potentially compromising the personal data of a third of Americans and disrupting pharmacy operations nationwide. UnitedHealth CEO, Andrew Witty, disclosed to Congress that it might take months to identify and notify affected individuals due to the ongoing data analysis. Witty confirmed a $22 million ransom was paid to the hackers, who exploited a weakly secured server, and he has since apologized for the breach. This incident, considered one of the largest healthcare cyberattacks in US history, has exposed vulnerabilities in the health sector's cybersecurity infrastructure, prompting calls for tighter regulations. Despite paying the ransom, UnitedHealth is under scrutiny for its data protection practices, with an ongoing investigation by the Department of Health and Human Services and continued pressure from lawmakers to clarify the extent of data compromise.

A third of Americans could have had data stolen in big health care hack CNN

Dropbox, Inc. disclosed a cybersecurity incident affecting the Dropbox Sign (formerly HelloSign) production environment through an SEC 8-K filing on May 1, 2024. This unauthorized access was first detected on April 24, 2024, and involved a threat actor accessing Dropbox Sign user information, including emails, usernames, phone numbers, hashed passwords, and certain authentication details such as API keys, OAuth tokens, and multi-factor authentication. The incident, believed to be limited to Dropbox Sign infrastructure without impacting other Dropbox products, prompted immediate security responses including password resets, user notifications, and coordination with law enforcement and regulatory authorities. Remediation efforts are underway, and while there has been no evidence of access to the contents of users' accounts or payment information, Dropbox acknowledges the breach has violated their standard of trust and is conducting a comprehensive review to prevent future incidents.

2024-05-01 DROPBOX, INC. Cybersecurity Incident board-cybersecurity.com

David Ting, Tausight's CTO, and Larry Ponemon from the Ponemon Institute highlight the escalating risks and inefficiencies in healthcare data security during a webinar. Their research identifies a pervasive lack of visibility into where and how Protected Health Information (PHI) is stored and accessed, weaknesses exacerbated by frequent cyberattacks and inadequate cyber-hygiene practices. They emphasize the need for heightened responsibility and advanced solutions to locate, protect, and manage PHI effectively, advocating for better awareness, data management policies, and rapid incident responses to mitigate risks. Ting’s firm provides technology that seeks to improve PHI visibility across systems, which is crucial in preventing data breaches and ensuring patient trust in their healthcare providers.

"You Can't Rebuild Data": The Key Role of Visibility in Protecting Information | healthsystemcio.com healthsystemCIO.com

One Medical, led by CEO Trent Green, is planning further expansion but distances itself from the term "disruption" typically associated with such moves. The article outlines potential changes and expansions for One Medical's clinics amidst the backdrop of Amazon's workforce adjustments earlier in the year, aiming to differentiate the Amazon-One Medical partnership from other healthcare market entries by large retailers. The specifics of market targets, possible clinic closures, and staffing plans are highlighted as part of the strategic growth effort.

Why Amazon's One Medical is plotting more expansion publication

In February, a significant ransomware attack targeted a UnitedHealth Group subsidiary, potentially compromising the personal data of a third of Americans and disrupting pharmacy operations nationwide. UnitedHealth CEO, Andrew Witty, disclosed to Congress that it might take months to identify and notify affected individuals due to the ongoing data analysis. Witty confirmed a $22 million ransom was paid to the hackers, who exploited a weakly secured server, and he has since apologized for the breach. This incident, considered one of the largest healthcare cyberattacks in US history, has exposed vulnerabilities in the health sector's cybersecurity infrastructure, prompting calls for tighter regulations. Despite paying the ransom, UnitedHealth is under scrutiny for its data protection practices, with an ongoing investigation by the Department of Health and Human Services and continued pressure from lawmakers to clarify the extent of data compromise.

A third of Americans could have had data stolen in big health care hack CNN

Dropbox, Inc. disclosed a cybersecurity incident affecting the Dropbox Sign (formerly HelloSign) production environment through an SEC 8-K filing on May 1, 2024. This unauthorized access was first detected on April 24, 2024, and involved a threat actor accessing Dropbox Sign user information, including emails, usernames, phone numbers, hashed passwords, and certain authentication details such as API keys, OAuth tokens, and multi-factor authentication. The incident, believed to be limited to Dropbox Sign infrastructure without impacting other Dropbox products, prompted immediate security responses including password resets, user notifications, and coordination with law enforcement and regulatory authorities. Remediation efforts are underway, and while there has been no evidence of access to the contents of users' accounts or payment information, Dropbox acknowledges the breach has violated their standard of trust and is conducting a comprehensive review to prevent future incidents.

2024-05-01 DROPBOX, INC. Cybersecurity Incident board-cybersecurity.com

David Ting, Tausight's CTO, and Larry Ponemon from the Ponemon Institute highlight the escalating risks and inefficiencies in healthcare data security during a webinar. Their research identifies a pervasive lack of visibility into where and how Protected Health Information (PHI) is stored and accessed, weaknesses exacerbated by frequent cyberattacks and inadequate cyber-hygiene practices. They emphasize the need for heightened responsibility and advanced solutions to locate, protect, and manage PHI effectively, advocating for better awareness, data management policies, and rapid incident responses to mitigate risks. Ting’s firm provides technology that seeks to improve PHI visibility across systems, which is crucial in preventing data breaches and ensuring patient trust in their healthcare providers.

"You Can't Rebuild Data": The Key Role of Visibility in Protecting Information | healthsystemcio.com healthsystemCIO.com

One Medical, led by CEO Trent Green, is planning further expansion but distances itself from the term "disruption" typically associated with such moves. The article outlines potential changes and expansions for One Medical's clinics amidst the backdrop of Amazon's workforce adjustments earlier in the year, aiming to differentiate the Amazon-One Medical partnership from other healthcare market entries by large retailers. The specifics of market targets, possible clinic closures, and staffing plans are highlighted as part of the strategic growth effort.

Why Amazon's One Medical is plotting more expansion publication