Medical transcription service provider MEDantex experienced a data breach affecting at least 2,300 healthcare providers after leaving a portion of its website open to the internet. The breach occurred due to misconfigured databases and exposed patient data from as early as 2007. MEDantex took down its customer web portal after being notified by security researcher Brian Krebs. The breach will need to be reported to the Department of Health and Human Services.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted