The HHS Office for Civil Rights (OCR) has reached a settlement with Health Fitness Corporation over potential HIPAA risk analysis gaps. OCR claimed the healthcare company failed to conduct a thorough risk analysis, leaving electronic protected health information (ePHI) exposed to web crawlers due to a software misconfiguration since 2015. This initiates the fifth settlement under OCR’s risk analysis initiative.
Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques
The number of users affected by mobile banking malware surged nearly 3.6-fold in 2024. The Mamont Trojan, primarily targeting users in Russia and CIS countries,
