Community Health Center reveals massive data breach of the patient.
With ransomware attacks that reach record numbers, and more than a billion stolen passwords for sale at the Dark Web, I am constantly surprised that there are no more data breaches if I am honest. Not that it makes it less shocking when a healthcare provider reveals that the medical data of a million patients are affected. This is what we know about the security incident for the Community Health Centers.
More than a million medical records stolen
In an application of January 30 at the office of the Attorney General of Maine, Care Provider established in Connecticut Community Health Center Has a data breach unveiled, discovered for the first time on January 2, more than a million patients have hit after a successful attack by unknown threat actors who have gained access to his networks.
In a letter to affected patients, seen by this reporter, Mark Masselli
President and CEO of Community Health Center, Inc. said that researchers had established that “a competent criminal hacker came into our system and took some data, including your personal information.” This does not seem to have been a ransomware attack, because Masselli said that no data has been deleted or coded, and the hack had no influence on the health care activities. “We believe that we have stopped the criminal
Hacker’s access within a few hours, “said Masselli,” and that there is no current threat to our systems. “
However, there is the small issue of the files that the hacker has stolen: files with ‘personal and health information of patients who belong to 1,060,936 individuals’. The stolen data is understood as:
- Patient names
- Dates
- Contact details
- Social Security Numbers
- Medical
- Treatment data
- Test results
- Health insurance data
A medical files nightmare
“This incident emphasizes the urgency of securing infrastructure structures in health care – not only promoting patient data, but the broader ecosystem of communication, cooperation and care,” said Emily Phelps, a director of cyware, “underline incidents in this sector the Continuous risks The continuous risks are confronted with attackers who have access to sensitive data such as names, medical diagnoses and insurance details ”.
Masselli meanwhile said that Community Health Center “had strengthened our security and had added special software to pay attention to suspicious activity”, although this will be of cold comfort for patients whose medical records have been affected. Since the attacker also has access to names, birth dates and health insurance policies, this can be a extortion nachtmare that is waiting to unfold.