Technology
The sickening truth: Healthcare data breaches reach all-time high
If your healthcare data hasn’t been breached in 2024, then you either don’t know it yet or should consider yourself very lucky.
That’s because 2024 was a nightmare year for healthcare institutions and patients in the U.S. A total of 184,111,469 records were breached. That’s 53% of the 2024 population of the United States.
This staggering figure represents a significant increase from previous years, setting a new and alarming record in healthcare data breaches.
The healthcare sector faced unprecedented challenges in cybersecurity, with attacks becoming more frequent, sophisticated and damaging than ever before.
I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2
Illustration of a hacker at work stealing healthcare data (Kurt “CyberGuy” Knutsson)
Health check or data leak?
Being admitted to a hospital is stressful enough. It caused additional stress for the 100 million clients of Change Healthcare, whose data was exposed following a breach orchestrated by the BlackCat ransomware group. Not only did the breach expose sensitive health information, but it also caused widespread disruptions in claims processing. Patients and providers across the country faced chaos as the breach impacted their ability to access and pay for healthcare services.
The second significant breach occurred at Kaiser Foundation Health Plan, where the personal data of 13.4 million individuals was compromised. This breach involved unauthorized access and the use of tracking technologies that transmitted user interactions to third parties.
Illustration of healthcare data needing to be locked up (Kurt “CyberGuy” Knutsson)
HACKERS CLAIM MASSIVE BREACH OF COMPANY THAT TRACKS AND SELLS AMERICANS’ LOCATION DATA
Your health data gets breached, so what?
You’ll receive a notification letter, although be aware that it may take months before it reaches you (as was the case for victims of the Ascension Health data breach). The consequences are real and can be very painful. Medical identity theft directly affects patients’ health and safety. It happens when criminals use stolen personal health information to obtain medical services or medications under another person’s name. It can result in incorrect medical records being created that can include inaccurate diagnoses, allergies or treatments.
And as you may have guessed, it can also result in financial repercussions, such as patients getting fraudulent claims and bills for services they did not receive. Resolving these issues with insurers and healthcare providers takes time and mental strength. And you’re probably not in a hurry to see your breached healthcare provider ever again. That’s normal. A study has shown that up to 54% of patients consider switching providers after a data breach.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
A doctor looking at healthcare data on a screen (Kurt “CyberGuy” Knutsson)
ARE DATA BROKERS ENDANGERING YOUR RETIREMENT SECURITY?
When health data gets into the hands of data brokers
Sensitive health information can easily be combined with personal identifiers from data brokers, creating comprehensive profiles that criminals can exploit. As a reminder, data brokers are companies that specialize in collecting, processing and selling personal information from various sources, including public records, online activities and social media.
They aggregate this data to create detailed consumer profiles that can be sold to marketers, insurance companies and other entities for various purposes. The more detailed the profile, the higher the chance of identity theft and potential discrimination in employment and insurance. Employers might make hiring decisions based on perceived health risks, while insurers could deny coverage or increase premiums.
A doctor and patient in a healthcare facility (Kurt “CyberGuy” Knutsson)
THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION
Wash your hands, remove your data
You can’t prevent a data breach, but you can minimize its consequences by reducing your digital footprint overall.
1. Set your social media to private: Restrict access to your personal information and limit what strangers can see about your life and potentially your health status. Ensure your privacy settings are robust and regularly updated to prevent unauthorized data collection.
2. Remove your personal data from data brokers’ databases: Either by searching for your name on people search sites and requesting removals, one by one, or by using a data removal service. Data removal services automate data removal for you and let you track where exactly your data has been found and whether it was removed, not only on people search sites, which are public data brokers, but also on hidden, private databases where you can’t look yourself up (and these are the worst).
Once your data is removed, data removal services monitor data brokers for your data and remove it again as needed (because it has a tendency to be re-listed after a while). This way, you prevent data broker companies from compiling a full profile on you and selling it to the first bidder, whether that’s a hacker, a marketing agency or an insurance company. Check out my top picks for data removal services here.
3. Delete all unused apps on your phone: Unused applications can be hidden gateways for data leakage and potential security vulnerabilities. Regularly audit and remove apps that you no longer use or need.
4. Check the permissions of the ones you want to keep: Review each app’s access to your personal data, location and device features to ensure you’re not inadvertently sharing more information than necessary. Be particularly cautious with health and fitness tracking applications.
5. Use a VPN (virtual private network) when browsing: Encrypt your online activities and mask your digital location to add an extra layer of anonymity and protection. A reliable VPN can help shield your personal information from potential interceptors and data miners. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.
Kurt’s key takeaways
The reality of healthcare data breaches is daunting, but it’s not entirely out of your control. While you can’t prevent breaches from happening, you can take steps to minimize the risks and protect your personal information. Think of it as adding locks to your digital doors: set your social media to private, use a VPN and clean up unused apps. Remember, the less information you leave out there, the harder it is for bad actors to exploit it. Stay vigilant and don’t let your data become someone else’s advantage.
How do you feel about the growing risks to your personal information, and what steps have you taken to protect your data? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Updates to [@]Grok Account
We have implemented technological measures to prevent the Grok account from allowing the editing of images of real people in revealing clothing such as bikinis. This restriction applies to all users, including paid subscribers.
Additionally, image creation and the ability to edit images via the Grok account on the X platform are now only available to paid subscribers. This adds an extra layer of protection by helping to ensure that individuals who attempt to abuse the Grok account to violate the law or our policies can be held accountable.
Geoblock update
We now geoblock the ability of all users to generate images of real people in bikinis, underwear, and similar attire via the Grok account and in Grok in X in those jurisdictions where it’s illegal.
NEWYou can now listen to Fox News articles!
Mac users often assume they’re safer than everyone else, especially when they stick to official app stores and trusted tools.
That sense of security is exactly what attackers like to exploit. Security researchers have now uncovered a fresh wave of malicious Mac extensions that don’t just spy on you, but can also steal cryptocurrency wallet data, passwords and even Keychain credentials. What makes this campaign especially concerning is where the malware was found, inside legitimate extension marketplaces that many people trust by default.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Once active, GlassWorm targets passwords, crypto wallets, and even your macOS Keychain without obvious warning signs. (Cyberguy.com)
How malicious Mac extensions slipped into trusted stores
Security researchers at Koi Security uncovered a new wave of the GlassWorm malware hiding inside extensions for code editors like Visual Studio Code (via Bleeping Computer). If you’re not familiar with code editors, they’re tools developers use to write and edit code, similar to how you might use Google Docs or Microsoft Word to edit text. These malicious extensions appeared on both the Microsoft Visual Studio Marketplace and OpenVSX, platforms widely used by developers and power users.
FAKE AI CHAT RESULTS ARE SPREADING DANGEROUS MAC MALWARE
At first glance, the extensions looked harmless. They promised popular features like code formatting, themes or productivity tools. Once installed, though, they quietly ran malicious code in the background. Earlier versions of GlassWorm relied on hidden text tricks to stay invisible. The latest wave goes further by encrypting its malicious code and delaying execution, making it harder for automated security checks to catch.
Even though this campaign is described as targeting developers, you don’t need to write code to be at risk. If you use a Mac, install extensions or store passwords or cryptocurrency on your system, this threat still applies to you.
What GlassWorm does once it’s on your Mac
Once active, GlassWorm goes after some of the most sensitive data on your device. It attempts to steal login credentials tied to platforms like GitHub and npm, but it doesn’t stop there. The malware also targets browser-based cryptocurrency wallets and now tries to access your macOS Keychain, where many saved passwords are stored.
Researchers also found that GlassWorm checks whether hardware wallet apps like Ledger Live or Trezor Suite are installed. If they are, the malware attempts to replace them with a compromised version designed to steal crypto. That part of the attack isn’t fully working yet, but the functionality is already in place.
To maintain access, the malware sets itself up to run automatically after a reboot. It can also allow remote access to your system and route internet traffic through your Mac without you realizing it, turning your device into a quiet relay for someone else.
Some of the malicious extensions showed tens of thousands of downloads. Those numbers can be manipulated, but they still create a false sense of trust that makes people more likely to install them.
7 steps you can take to stay safe from malicious Mac extensions
Malicious extensions don’t look dangerous. That’s what makes them effective. These steps can help you reduce the risk, even when threats slip into trusted marketplaces.
1) Only install extensions you actually need
Every extension you install increases risk. If you’re not actively using one, remove it. Be especially cautious of extensions that promise big productivity gains, premium features for free or imitate popular tools with slightly altered names.
2) Verify the publisher before installing anything
Check who made the extension. Established developers usually have a clear website, documentation and update history. New publishers, vague descriptions or cloned names should raise red flags.
These malicious extensions looked like helpful tools but quietly ran hidden code once installed. (Cyberguy.com)
3) Use a password manager
A password manager keeps your logins encrypted and stored safely outside your browser or editor. It also ensures every account has a unique password, so if one set of credentials is stolen, attackers can’t reuse it elsewhere.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
HOW HACKERS ARE BREAKING INTO APPLE DEVICES THROUGH AIRPLAY
4) Run strong antivirus software on your Mac
Modern macOS malware doesn’t always drop obvious files. Antivirus tools today focus on behavior, looking for suspicious background activity, encrypted payloads and persistence mechanisms used by malicious extensions. This adds a critical safety net when something slips through official marketplaces.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
5) Consider a personal data removal service
When your data leaks, it often spreads across data broker sites and breaches databases. Personal data removal services help reduce how much of your information is publicly available, making it harder for attackers to target you with follow-up scams or account takeovers.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Turn on two-factor authentication (2FA)
Enable 2FA wherever possible, especially for email, cloud services, developer platforms and crypto-related accounts. Even if a password is stolen, 2FA can stop attackers from logging in.
7) Keep macOS and your apps fully updated
Security updates close gaps that malware relies on. Turn on automatic updates so you’re protected even if you miss the headlines or forget to check manually.
Mac users often trust official app stores, but that trust is exactly what attackers are counting on. (Kurt “CyberGuy” Knutsson)
Kurt’s key takeaway
GlassWorm shows that malware doesn’t always come from shady downloads or obvious scams. Sometimes it hides inside tools you already trust. Even official extension stores can host malicious software long enough to cause real harm. If you use a Mac and rely on extensions, a quick review of what’s installed could save you from losing passwords, crypto or access to important accounts.
When was the last time you checked the extensions running on your Mac? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
BMW teased its forthcoming all-electric M-series performance sedan today, promising that the quad-motor M3 sports car would feature specs that are truly next level when it arrives in 2027.
The M3 will have four electric motors and simulated gear shifting, a feature that is quickly becoming a must-have for electrified sports cars. BMW says the setup unlocks the benefits of both rear and all-wheel drive, with the ability to decouple the front axle.
The electric M3 will also be built on BMW’s Neue Klasse platform that promises more efficient batteries, lightning fast charging, and higher powered computers. The architecture will be 800-volt, the regenerative braking will be highly efficient, and if the camouflaged pictures are any indication, it will be a real looker on the streets.
Speaking of computers, the M3 will have four of them, unified under its oddly named “Heart of Joy” component that aggregates all the traction, stability, and electric motor management functions of the vehicle. That means when software updates are made available, the vehicle’s brain will be able to receive them over-the-air faster than BMW’s current processors.
The M3’s simulated gear shifting will feature a “newly developed soundscape” that “channels pure emotion.” Like other automakers, BMW is loath to alienate its loyal M-series customers by giving them all the torque but none of the gearing feedback. And now a fake “soundscape” will accompany all that shifting. Porsche, Hyundai, and Dodge are also on board the fake EV gear shifting bandwagon.
Penn Township fires finance director after about 5 months on the job
Focused on Fitness | Ithaca College
Thalaivar Thambi Thalaimaiyil Movie Review: Familiar romp with enough comic spark
Iran warns of retaliation if Trump strikes, US withdraws some personnel from bases
Julio Iglesias accused of sexual assault as Spanish prosecutors study the allegations
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Hochul endorses legislation to allow New Yorkers to sue ICE agents: ‘Power does not justify abuse’
Iran reopens airspace after closure to most flights amid US attack threats
Trump says he’s been assured Tehran has stopped killing protesters as Iran reopens its airspace – live
Republicans light cigars, cigarettes on burning photos of Khamenei to show support for Iranian protesters
EU Parliament questions defence loan’s ‘€17 billion gift’ to Hungary
-
Montana4 days agoService door of Crans-Montana bar where 40 died in fire was locked from inside, owner says
-
Technology1 week agoPower bank feature creep is out of control
-
Delaware6 days agoMERR responds to dead humpback whale washed up near Bethany Beach
-
Dallas, TX6 days agoAnti-ICE protest outside Dallas City Hall follows deadly shooting in Minneapolis
-
Dallas, TX1 week agoDefensive coordinator candidates who could improve Cowboys’ brutal secondary in 2026
-
Education1 week agoVideo: This Organizer Reclaims Counter Space
-
Virginia5 days agoVirginia Tech gains commitment from ACC transfer QB
-
Iowa1 week agoPat McAfee praises Audi Crooks, plays hype song for Iowa State star