Explore

Rapid Read Rapid Read
Vitas Hospice Data Breach Exposes Personal Information of Over 300,000 Individuals

Vitas Hospice Data Breach Exposes Personal Information of Over 300,000 Individuals

Vitas Healthcare, the largest for-profit hospice chain in the United States, has experienced a significant data breach affecting over 300,000 individuals. The breach was discovered on October 24, 2025, and involved unauthorized access to Vitas systems through a compromised vendor account. The attacker maintained access from September 21 to October 27, during which they downloaded sensitive personal information of current and former patients. This data includes names, addresses, phone numbers, dates of birth, driver’s license numbers, Social Security numbers, medical and insurance information, and contact details for next of kin. The U.S. Department of Health and Human Services' healthcare data breach tracker has confirmed the impact on 319,177 individuals. It remains unclear if this breach was part of a ransomware attack, as no group has claimed responsibility.
Rapid Read Rapid Read
VITAS Hospice Services Faces Data Breach Affecting 300,000 Patients

VITAS Hospice Services Faces Data Breach Affecting 300,000 Patients

VITAS Hospice Services, a major provider of hospice and palliative care in the U.S., has experienced a significant data breach. The breach occurred between September 21 and October 27, 2025, when an unauthorized individual accessed VITAS systems through a compromised vendor account. Approximately 300,000 current and former patients' data, including personal contact details, Social Security numbers, and medical records, may have been compromised. Edelson Lechtzin LLP, a national class action law firm, is investigating potential legal claims on behalf of affected individuals. The firm advises those impacted to monitor their financial accounts and credit reports for suspicious activity.
Rapid Read Rapid Read
Edelson Lechtzin LLP Investigates VITAS Hospice Data Breach Affecting 300,000 Patients

Edelson Lechtzin LLP Investigates VITAS Hospice Data Breach Affecting 300,000 Patients

Edelson Lechtzin LLP, a national class action law firm, is investigating a significant data breach at VITAS Hospice Services, LLC. The breach, discovered on October 24, 2025, involved unauthorized access to VITAS systems through a compromised vendor account. This incident potentially exposed sensitive information of approximately 300,000 current and former patients. The compromised data includes personal contact details, Social Security and driver’s license numbers, next-of-kin information, medical records, and insurance information. The unauthorized access occurred between September 21 and October 27, 2025. Edelson Lechtzin LLP is exploring legal remedies for those affected by the breach.
Rapid Read Rapid Read
Healthcare Providers Oppose Proposed HIPAA Update Due to Regulatory Burden

Healthcare Providers Oppose Proposed HIPAA Update Due to Regulatory Burden

Over 100 healthcare provider groups have expressed opposition to a proposed update to the HIPAA Security Rule, urging the Department of Health and Human Services (HHS) to withdraw the proposal. The groups, led by the College of Healthcare Information Management Executives, argue that the proposed changes would impose significant financial burdens and unreasonable implementation timelines. They advocate for a collaborative approach to developing cybersecurity standards that protect health information without imposing excessive regulatory burdens. Major organizations, including the American Medical Association and the Federation of American Hospitals, have signed the letter opposing the update.
Rapid Read Rapid Read
Over 100 Provider Groups Urge HHS to Withdraw Proposed HIPAA Update

Over 100 Provider Groups Urge HHS to Withdraw Proposed HIPAA Update

More than 100 healthcare organizations have opposed the Department of Health and Human Services' (HHS) proposed updates to the HIPAA Security Rule, citing financial burdens and tight implementation timelines. The proposed rule aims to update cybersecurity standards in response to technological advancements and increased cyber threats. However, provider groups argue for a more collaborative approach to developing practical standards without imposing excessive regulatory burdens.
Rapid Read Rapid Read
Healthcare Providers Urge HHS to Withdraw Proposed HIPAA Update

Healthcare Providers Urge HHS to Withdraw Proposed HIPAA Update

Over 100 healthcare provider groups have urged the Department of Health and Human Services (HHS) to withdraw a proposed update to the HIPAA Security Rule. The groups, led by the College of Healthcare Information Management Executives, argue that the proposed regulations impose financial burdens and unreasonable implementation timelines. They claim these changes contradict President Trump's deregulatory agenda. The proposed update, announced in January, aims to enhance cybersecurity and privacy standards for healthcare entities. However, the provider groups advocate for a collaborative approach to develop practical cybersecurity standards without imposing excessive regulatory burdens.
Rapid Read Rapid Read
Services Australia May Gain Authority to Address Data Breach Notifications

Services Australia May Gain Authority to Address Data Breach Notifications

Services Australia, responsible for managing data on 27.5 million Australians, may soon receive new powers to compel third parties to disclose data breaches involving government identifiers like Medicare and Centrelink numbers. This development follows a recommendation from a federal auditor, highlighting the agency's current lack of authority to enforce such disclosures. The agency has seen a significant increase in data breaches, rising from seven in 2022-23 to 82 in 2024-25, primarily due to malicious activities. The Attorney-General’s department and the Office of the Australian Information Commissioner have expressed support for the proposed changes, which may require legislative reform. The audit also noted that Services Australia has struggled with timely notifications of data breaches to the OAIC, with many reports delayed beyond the statutory timeframe.
Rapid Read Rapid Read
Vitas Hospice Data Breach Affects Over 300,000 Individuals, Exposing Sensitive Information

Vitas Hospice Data Breach Affects Over 300,000 Individuals, Exposing Sensitive Information

Vitas Healthcare, the largest for-profit hospice chain in the U.S., experienced a significant data breach affecting over 300,000 individuals. The breach, discovered on October 24, involved unauthorized access to Vitas systems via a compromised vendor account. The attacker maintained access from September 21 to October 27, during which personal information of current and former patients was downloaded. This included names, addresses, phone numbers, dates of birth, driver's license numbers, Social Security numbers, medical and insurance information, and contact details for next of kin. The U.S. Department of Health and Human Services' data breach tracker confirmed the impact on 319,177 individuals. The nature of the attack remains unclear, with no known ransomware group claiming responsibility.
Rapid Read Rapid Read
Tri-Century Eye Care Data Breach Exposes Personal Information of 200,000 Individuals

Tri-Century Eye Care Data Breach Exposes Personal Information of 200,000 Individuals

Tri-Century Eye Care, a healthcare provider in Bucks County, Pennsylvania, has reported a significant data breach affecting approximately 200,000 individuals. The breach, detected on September 3, was disclosed in a notice on the company's website in late October. The attackers accessed files containing sensitive information, including names, dates of birth, Social Security numbers, medical and health information, health insurance details, payment information, and tax or financial data. The Pear ransomware group has claimed responsibility for the attack, stating they stole over 3 terabytes of data, which includes HR, financial, and business operations documents, as well as emails and databases. The group has since released the stolen files publicly, indicating that Tri-Century Eye Care did not pay the ransom. This incident is part of a broader trend of data breaches affecting healthcare providers, with other eye care providers like Retina Group of Florida and Asheville Eye Associates also experiencing simil...
Trendline Trendline
Law Firm to File Class-Action Suit Against Coupang's US Headquarters Over Data Leak

Law Firm to File Class-Action Suit Against Coupang's US Headquarters Over Data Leak

Law Firm to File Class-Action Suit Against Coupang's US Headquarters Over Data Leak
Rapid Read Rapid Read
React2Shell Vulnerability Exploited by China-Linked Hackers

React2Shell Vulnerability Exploited by China-Linked Hackers

The React2Shell vulnerability, identified as CVE-2025-55182, is currently being exploited by threat actors linked to Chinese state interests. This critical vulnerability, with a CVSS v3.1 score of 10, affects React Server Components versions 19.0.0 to 19.2.0. Amazon Web Services (AWS) has confirmed that groups such as Earth Lamia and Jackpot Panda are actively exploiting this flaw. These groups are known for targeting sectors like financial services, logistics, and government organizations across various regions. Over 2.15 million internet-facing services are potentially affected, with several proof-of-concept exploits already in circulation. The vulnerability allows for pre-authentication remote code execution, posing a significant threat to affected systems.
Trendline Trendline
Coupang Faces U.S. Class Action Lawsuit Over Data Breach Impacting Millions

Coupang Faces U.S. Class Action Lawsuit Over Data Breach Impacting Millions

Coupang Faces U.S. Class Action Lawsuit Over Data Breach Impacting Millions