
Hosted by Paubox · EN
Fully Automated is your weekly rundown of the biggest healthcare cybersecurity stories, delivered in a conversational format by Alex and Jen, two AI hosts who break down breaches, vulnerabilities, and compliance news with clarity, a little dark humor, and always a practical takeaway. Perfect for healthcare IT leaders, administrators, and compliance officers who want to stay informed without wading through the noise.

In this episode, we cover emerging threats targeting healthcare and enterprise organizations, including AI platform impersonation scams, the ShinyHunters attacks on Oracle PeopleSoft systems, and research showing AI email agents are vulnerable to phishing. We also discuss Paubox joining LegitScript's Compliance Collective and the Novo Nordisk clinical trial data breach investigation. Key takeaways include verifying AI tool sources, reviewing legacy system configurations, and applying least-privilege principles to AI agents.

In this episode, we discuss Paubox Forms' new conditional logic feature, the Conduent breach affecting 62 million people, and critical findings from controlled tests revealing Amazon SES may transmit PHI in plaintext despite documentation claims. We also cover recent ransomware incidents at Mt. Baker, Northwest Radiologists, and Singing River Health System, along with key takeaways from the June Zoom social mixer on AI tooling and vendor management strategies for small IT teams.

This episode examines recent healthcare data breaches and settlements, including the $4 million IBJI case involving extended attacker dwell time, Mission Community Hospital's $1.5 million RansomHouse extortion settlement, and third-party vendor risks exposed by the La Perouse billing breach. We also discuss Rutgers University research showing hospitals using third-party tracking pixels are 46 percent more likely to experience breaches, emphasizing the critical need for system patching, vendor oversight, and web property audits.

In this episode, Alex and Jen discuss new Paubox product updates including a Forms template library and API dashboard improvements, then analyze recent healthcare data breaches affecting Esse Health, Gandara Mental Health Center, and NYC Health + Hospitals. The conversation highlights common security gaps, the growing risk of third-party vendor breaches, and practical steps organizations can take to strengthen their compliance and security posture.

This episode covers the new Paubox CLI support for Forms, the LockBit 5.0 ransomware attack on Mt. Spokane Pediatrics affecting over 32,000 patients, a CISA-flagged vulnerability in medical imaging software, and the FBI warning about the Kali365 phishing-as-a-service platform targeting Microsoft 365 credentials. The hosts discuss the security gaps facing small clinics and emphasize actionable steps including patching systems, network segmentation, and staff training to address these evolving threats.

In this episode, Jen and Alex break down the surge in QR code phishing attacks, the cautionary tale of a ransomware negotiator who defrauded healthcare clients, and practical strategies for reducing security friction. They also cover new tools for HIPAA-compliant email automation and self-service archive exports that streamline compliance workflows.

In this episode, we break down the SAG-AFTRA Health Plan's $950,000 phishing settlement, Medtronic's nine-million-record breach, and the Inc Ransom attack on Sandhills Medical Foundation. We also highlight Henderson Behavioral Health's patient-centered approach and discuss practical takeaways for strengthening your organization's security posture through staff training, system patching, and incident response planning.

In this episode, we examine a Microsoft-flagged phishing campaign that bypassed MFA across 13,000 organizations, analyze Saint Anthony Hospital's breach notification that expanded from 6,500 to 146,000 affected individuals, and discuss the ransomware attack impacting 92,000 patients at a Puerto Rico community hospital. Key takeaways include the importance of layered email security, thorough incident scoping, and addressing configuration blind spots before threat actors exploit them.

In this episode, we break down the FBI's latest Internet Crime Report naming healthcare as the top ransomware target, OCR's four new HIPAA settlements totaling over $1 million, and the Medtronic data extortion incident affecting millions of records. We also examine findings from Paubox's Healthcare Email Security Maturity Index, which reveals critical gaps in AI-based defenses despite rising AI-driven attacks, and discuss what these trends mean for your organization's security posture.

In this episode, we break down recent healthcare cybersecurity incidents including a $1.45 million class action settlement stemming from missing MFA and unencrypted data, a repeat ransomware attack on a small cardiology practice, and how attackers are bypassing traditional email authentication. We also discuss the emerging threat of AI-assisted cyberattacks and actionable steps organizations can take to address common security blind spots.