Healthcare Sees 224% Annual Increase in Attacks Targeting Mobile Devices
There has been a significant increase in cyberattacks targeting Android mobile devices in critical infrastructure sectors in the past year, according to a new report from the cybersecurity firm Zscaler. The biggest increase was in the energy sector, which saw a 387% increase in mobile attacks, followed by healthcare (224%) and manufacturing (111%). The Zscaler ThreatLabz team analyzed data collected from customers’ mobile and Internet of Things (IoT) devices between June 2024 and May 2025, the findings of which were published in Zscaler’s 2025 Mobile, IoT & OT Threat Report. “Mobile, IoT, and OT systems have become the backbone of business operations today, enabling innovation and powering critical infrastructure across industries,” explained Zscaler in the report. “Mobile devices now dominate global connectivity, while IoT and OT systems keep manufacturing, healthcare, transportation, and smart cities running.” Attackers are taking advantage of the proliferation of mobile devices and the expanding web of connectivity. The increase in hybrid and remote working,...
DealMed Medical Supplies Announces July 2025 Cyberattack
DealMed Medical Supplies has confirmed that sensitive data was stolen in a July ransomware attack, the Wisconsin Department of Corrections has identified a HIPAA breach, and Healthcare Therapy Services in Indiana has experienced a breach of its email system. DealMed Medical Supplies Dealmed Medical Supplies, a Brooklyn, NY-based manufacturer and distributor of medical supplies, has recently announced a data security incident that was identified on July 7, 2025. Immediate action was taken to secure its network, and an investigation was launched to determine the nature of the activity. The investigation confirmed that an unauthorized third party accessed its network and may have viewed or obtained sensitive company data on or around June 7, 2025. DealMed has been reviewing the affected files, and on October 31, 2025, it was confirmed that protected health information had been exposed and potentially stolen. The impacted data included names and Social Security numbers. Notification letters are being sent to the affected individuals, and complimentary single-bureau credit monitoring,...
Wakefield & Associates Announces Breach of Client Data
Wakefield & Associates, a Knoxville, Tennessee-based vendor that offers revenue cycle & collections services to healthcare providers, has recently announced a security incident that was identified on or around January 17, 2025. Wakefield & Associates explained in a website data breach notice that suspicious activity was identified within its computer systems, and the forensic investigation confirmed unauthorized access to files containing the protected health information of patients of its healthcare clients. Some of those files were exfiltrated from its network on or before January 17, 2025. The breach notice issued to the Maine Attorney General states that initial access occurred on January 14, 2025. Following an extensive review of the exposed data, Wakefield & Associates determined on September 24, 2025, that some of the exposed files contained protected health information that was provided to the company by its healthcare clients. The information potentially compromised in the incident was mostly limited to names and collection account information, although for...
University of Tennessee Medical Center & Margaret Mary Community Hospital Settle Meta Pixel Lawsuits
University of Tennessee Medical Center and Margaret Mary Community Hospital have both agreed to settle class action lawsuits over the use of tracking tools such as Meta Pixel on their websites. University of Tennessee Medical Center University of Tennessee Medical Center (UTMC) in Knoxville, Tennessee, has agreed to a settlement to resolve a class action lawsuit that alleged UTMC violated the Tennessee Consumer Protection Act by adding tracking technologies to its website, resulting in the unauthorized disclosure of patients’ personally identifiable health information to Meta, Google, and other third parties. The lawsuit – Geoffrey Cavalier v. University Health Systems, Inc. d/b/a The University of Tennessee Medical Center – was filed in the Chancery Court for Knox County, Tennessee, and alleged that UTMC used tracking technologies such as Meta Pixel on its websites between January 1, 2015, and September 30, 2023. The plaintiffs allege that the tracking technologies collected and transmitted their personally identifiable information (PII) and protected health information...
HELP Committee Chair Introduces Health Information Privacy Reform Act to Protect Americans’ Health Data
New legislation – the Health Information Privacy Reform Act – has been introduced to improve privacy protections for health information that is not currently covered by the Health Insurance Portability and Accountability Act (HIPAA). Under HIPAA, there are strict limits on uses and disclosures of personally identifiable health information, and safeguards must be implemented to prevent unauthorized access to physical and electronic protected health information. The problem for consumers is that the scope of HIPAA is quite narrow. HIPAA only applies to health information that is created, collected, maintained, stored, or transmitted by a HIPAA-covered entity (healthcare provider, health plan, or healthcare clearinghouse) or a business associate of a HIPAA-covered entity. Health apps, such as ovulation and fertility tracking apps, can collect large amounts of personally identifiable health information. While the health data would be classed as protected health information (PHI) and be subject to HIPAA protections if it were collected by a healthcare provider, the health...



