Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient records breached in incidents. The 2025 Breach Barometer report, which includes more than HIPAA-covered entities, found that 77% of breached patient records resulted from business associate breaches. Some business associate breaches affect millions of patients […]
Updates to two business associate breaches reveal that millions of patients have been impacted by third-part breaches, with Healthcare Interactive’s breach affecting 3 million patients and TriZetto Provider Solutions’s breach reportedly affecting another 700,000 patients. Healthcare Interactive Healthcare Interactive (“HCIactive”) is a Maryland-based provider of AI-powered software solutions for insurance enrollment and benefits administration. In […]
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a number of state governments and other organizations. The attack at the New Jersey-based payments contractor led to data breaches across a number of organizations, including state government agencies and insurance providers. In the state of Wisconsin, […]
BleepingComputer reports: The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into […]
Apple Insider reports: Apple supply chain member Luxshare suffered a major data breach in December, and hackers that pilfered the files are now offering it for sale on the dark web. It looks legit. The Apple supply chain is typically a very secure system, and core to the existence of Apple itself. This leads it […]
The Minnesota Star Tribune reports: A breach in a Minnesota Department of Human Services system allowed inappropriate access to the private data of nearly 304,000 people. There is not evidence the data was misused, the department said in a Jan. 16 letter notifying impacted individuals. The letter was sent about four months after the breach […]
The HIPAA Journal reports: TriZetto Provider Solutions, a Cognizant-owned provider of revenue management services to physicians, hospitals, and health systems, has started notifying certain healthcare clients about a recently identified cybersecurity incident. On October 2, 2025, suspicious activity was identified within a web portal used by some of its healthcare provider customers to access TriZetto […]
Sarah Hemmersbach or Mitratech Holdings writes: A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business partners. Third-party data breaches are becoming increasingly common as technology makes it easier for businesses to connect and […]
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed; however, the data breach is known to have affected approximately 80 hospitals, although a list of those hospitals has not been made public. Oracle Health has been notifying the affected healthcare provider clients, some of […]
Geo News reports: Russian hackers have sent shockwaves through Britain’s health system after gaining access to hundreds of thousands of sensitive NHS documents some of them linked to the Royal Household. The cyber breach, blamed on a ransomware gang exploiting a flaw in NHS software, has resulted in around 169,000 confidential files being dumped on […]
