In-brief: Old and outdated software continues to plague medical environments, opening the doors to infections and data loss, even by long-forgotten computer viruses, according to a report by the security firm TrapX.
In-brief: Four million patients of more than 230 hospitals, doctors offices and clinics had patient data exposed in a May attack on the Fort Wayne, Indiana firm Medical Informatics Engineering (MIE), according to the Indiana Attorney General.
In-brief: A researcher studying the workings of a wireless-enabled drug infusion pump by the firm Hospira said the device utterly lacked security controls, making it “the least secure IP enabled device” he had ever worked with. His research prompted a warning from the Department of Homeland Security.
In-brief: Premera Blue Cross said on Tuesday that it was the victim of a sophisticated attack. The hackers had access to Premera’s network for more than six months, stealing information on as many as 11 million members and employees.
The U.S. Food and Drug Administration (FDA) on Tuesday put out a call for ideas and input on how best to secure medical devices and the healthcare system from cyber attack. In a federal notice, the FDA announced that it will hold an October workshop entitled “Collaborative Approaches for Medical Device and Healthcare Cybersecurity.” It also solicited input from stakeholders within the government and from the public health sector on medical device and healthcare cyber security. The workshop is scheduled for October 21 and 22 and will run from 9:00 AM to 5:00PM at the National Intellectual Property Rights Coordination Center Auditorium in Arlington, Virginia. [Read more Security Ledger coverage of connected medical devices here.] The Department of Health and Human Services (HHS) is looking for ideas about how best to implement aspects of both Executive Order 13636 for“Improving Critical Infrastructure” and follow-on guidance like the National Institute of Standards and Technology’s (NIST’s) “Framework for Improving […]