NSW medical records at risk due to poor cybersecurity: Proofpoint study

Managing User Accounts and Permissions in EHR Systems October is Healthcare Awareness Month, and securing patient data is just as important as saving lives. Many hospitals in Nigeria and West Africa are going digital, but weak account controls put patient data at risk. Shared logins, weak passwords like “1234,” and active accounts of former staff create easy backdoors for cybercriminals. All it takes is one compromised login to access patient records or deploy ransomware. ✅ What hospitals should do: Use Role-Based Access Control (RBAC) give people only the access they need. Enforce strong passwords + multi-factor authentication (MFA). Audit accounts regularly, remove inactive or “ghost” accounts. Auto-lock idle sessions and restrict logins to approved devices. Monitor logs to detect unusual activity early. Security is everyone’s responsibility. Protecting access = protecting patients. At Clarensec, we help hospitals strengthen cybersecurity through access audits, penetration testing, and staff training — so no forgotten login becomes the start of a breach. Check out the full article on our blog https://lnkd.in/erMxWeP6 and read on how hospitals can reduce cybersecurity risks by properly managing user accounts and access permissions. Discover practical steps IT teams can take to protect patient data and critical hospital systems. 🛡️ Secure access. Protect trust. Save lives. #CyberAwarenessMonth #cybersecuritytips #Cybersecurity #Clarensec #healthcaresecurity #hospital #safety #password

When hospital systems go down, it’s not just data at risk - it's patients. Hospital data is among the most sensitive in the world, and as healthcare becomes increasingly digital and AI-enabled, protecting data means protecting lives. Together with my colleague Radu Balanescu we explored why cybersecurity must become a clinical priority - and how healthcare leaders can strengthen trust, resilience, and patient safety across the system. Read our full piece here 👇 https://lnkd.in/d9yj3AGn #Cybersecurity #Healthcare #DigitalResilience #PatientSafety #BCG

The healthcare sector remains a prime target for ransomware, with attacks escalating and threatening patient data and critical clinical services. At STTLA Syndicate, we believe a robust, NIST-aligned incident response framework, coupled with unwavering HIPAA Security Rule compliance, is not just a best practice—it's essential for patient safety and operational continuity. Our approach focuses on rapid containment, staged restoration from immutable backups, and a comprehensive defense-in-depth program. We operationalize ransomware profiles into clinical recovery runbooks, ensuring EHRs, PACS, pharmacy systems, and medical devices are brought back online efficiently and securely. Is your organization prepared for the next wave? Let's discuss building true cyber resilience. #HealthcareCybersecurity #Ransomware #HIPAA #NIST #IncidentResponse #PatientSafety #CyberResilience #STTLASyndicate #HealthcareIT #DataProtection

🚨 100 million healthcare records stolen—UnitedHealth confirms the largest healthcare breach in history. The Change Healthcare ransomware attack by BlackCat (ALPHV) gang has officially become a watershed moment for healthcare cybersecurity. Over 100 million Americans had their personal health information, medical records, and sensitive identifiers compromised in this unprecedented breach. 🔍 This attack highlights critical vulnerabilities in healthcare infrastructure: • Healthcare systems remain prime targets due to sensitive data value • Ransomware groups are specifically targeting medical supply chains • The interconnected nature of healthcare networks amplifies breach impact • Recovery costs and operational disruption extend far beyond initial ransom demands The scale of this breach forces us to reconsider our approach to healthcare cybersecurity. Traditional perimeter defenses clearly aren't sufficient when dealing with sophisticated threat actors like ALPHV who understand the critical nature of healthcare operations. 💬 How should healthcare organizations fundamentally restructure their security posture after breaches of this magnitude? Are we treating healthcare cybersecurity with the urgency it deserves? #CyberSecurity #ThreatIntelligence #Ransomware #Healthcare

Qilin ransomware has claimed another high-profile victim - MedImpact Healthcare Systems. 👉 https://lnkd.in/gFA5mh_N The U.S.-based pharmacy benefit and health solutions provider has reportedly been targeted by the Qilin ransomware group, which claims to have exfiltrated 160GB of sensitive data. 💡 The ransomware operators are known for their double-extortion tactics — encrypting files and threatening to leak stolen information if ransom demands aren’t met. This latest incident raises critical concerns about healthcare data privacy, particularly involving protected health information (PHI) and personally identifiable information (PII). ⚠️ With healthcare systems continuing to face relentless cyberattacks, this serves as a reminder of the urgent need for: ✅ Continuous threat monitoring ✅ Strong incident response frameworks ✅ Employee training to reduce human-factor vulnerabilities The healthcare industry remains a prime target due to the value of patient data and the operational urgency of hospitals and service providers. 💬 How can healthcare institutions strengthen ransomware resilience in such a volatile threat landscape? Share your insights below. #Cybersecurity #Ransomware #HealthcareSecurity #QilinRansomware #MedImpact #DataBreach #Infosec #TechNadu

Patient data is valuable—and breaches have real consequences. In 2024, over 276 million healthcare records were exposed in the U.S., including the largest-ever breach affecting 190 million people. Healthcare remains a top target, with cyberattacks costing an average of nearly $10 million per incident. Recently, a Louisiana provider paid $875,000 after a breach exposed nearly 130,000 patients’ personal and health information. This case highlights the critical need for strong data security: encrypt data, rotate credentials, and rehearse incident response. Patients, protect yourself by placing fraud alerts, using password managers, and enabling multi-factor authentication. Security is patient safety. Stay informed, stay protected. #HealthDataBreach #PatientSafety #Cybersecurity #DataProtection #HIPAA #MedicalSecurity #HealthcareRisks #CyberAttack #PMGUpdates

Cybersecurity in Healthcare: A Wake-Up Call for Independent Practices In 2024, over 180 million patient records were breached in U.S. healthcare—about 750,000 every single day. Most of the headlines focus on big hospital systems. But smaller, independent practices are often the easiest targets. Limited IT resources. Outdated systems. Vendors without proper safeguards. All create the perfect storm for ransomware and data theft. And when it happens, it’s not just an “IT problem.” It’s patient safety. It’s trust. It’s your ability to keep your doors open. At MedCBO, we see every day how secure workflows and compliance frameworks protect independent physicians—not just from breaches, but from operational collapse. Cybersecurity isn’t optional. It’s the foundation of modern medical practice. #HealthcareSecurity #Cybersecurity #IndependentPhysicians #HIPAA #HealthIT #MedCBO #PatientSafety #MedicalPracticeManagement

Excellent reminder that cybersecurity is no longer a “back-office” concern—it’s part of patient care. Too often, independent practices underestimate the risk until it’s too late. The fallout isn’t just financial; it impacts access, continuity, and community trust. At MedCBO, we’ve seen how simple steps—proper access controls, secure backups, and vendor oversight—can make the difference between a short disruption and a full operational shutdown. The takeaway: independence requires infrastructure, and that includes cyber resilience.

Patients entrust medical practices with their most sensitive health information; while that information is important to vital areas like patient care and the revenue stream, documenting so much valuable personal data also makes medical practices a prime target for cybercriminals. Healthcare organizations have a responsibility to protect patient info, and in the face of ever-evolving cyber threats, thorough and proactive cybersecurity measures must be a top priority of any medical practice. Stay up to date on our blogs & news → https://lnkd.in/eaDaKrGB

@SCMagazine Canada’s healthcare system stands at a digital crossroads, where #cybersecurity is now patient safety. The latest Pulse Check report reveals 1 in 3 institutions faced #ransomware attempts last year. #healthIT #CISO #infosec #ITsecurity https://lnkd.in/gTHKeshN