Connect with us

Hi, what are you looking for?

Cyber Security

Data breach at US heart disease treatment center impacts 287,000 individuals

data breach at US health clinic South Denver Cardiology Associates (SDCA) has exposed the medical information of more than 287,000 people.

In a data breach notice (PDF), SDCA admitted that an unnamed attacker broke into its systems and had access to confidential databases for three days between January 2, 2022, and January 5, 2022, before the breach was detected and thwarted.

SDCA notified law enforcement and called in the help of an external computer forensics firm to determine the scope of the compromise.

This investigation revealed that attackers accessed files containing a variety of sensitive information.

The exposed data included “patients’ names, dates of birth, Social Security numbers and/or drivers’ license numbers, patient account numbers, health insurance information, and clinical information, such as physician names, dates and types of service, and diagnoses”.

In a bid to reassure potential concerned patients, SDCA said there has been “no impact to the contents of patient medical records and no unauthorized access to the patient portal”.

“We have no indication that individuals’ information has been misused as a result of this incident,” SDCA added.

Despite these assurances, the exposed healthcare and other personal data leaves affected parties more exposed to phishing attacks and the like, leveraging the compromised information to run more convincing scams.

As a precaution, SDCA has begun a mailout to patients that includes guidance on how to protect their information alongside an offer of complimentary credit
monitoring and identity protection services.

SDCA has also set up a dedicated, toll-free call center to answer patients’ questions.

Awaiting diagnosis

The Daily Swig has asked SDCA if it had identified the cause of the breach on its systems. No word back as yet, but we’ll update this story as and when more information comes to hand.

Numbers on those affected by the breach at SDCA come from a mandatory notice for breaches of unsecured protected health information, filed with the US Department of Health and Human Services Office for Civil Rights.

Source: https://portswigger.net/daily-swig/data-breach-at-us-heart-disease-treatment-center-impacts-287-000-individuals

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a...

Cyber Security

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe...

Cyber Security

The well-known watch manufacturing company Seiko disclosed the data breach notification recently on Aug 2023, targeted by the notorious threat group BlackCat/ALPHV. BlackCat/ALPHV Group has been...

Cyber Security

Privileged users typically hold crucial positions within organizations. They usually have elevated access, authority, and permission levels in the organization’s IT systems, networks, applications,...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO