Cybercriminals pwn 850k+ Americans' healthcare data


Cybercriminals broke in and stole nearly a million Americans' data in the space of a week, in the course of three digital burglaries at healthcare providers.

Goshen Medical Center, which runs sites across North Carolina, has this week reported a sizeable breach affecting 456,385 people.

The types of data exposed varied for each individual, but basic personal information, as well as social security numbers, driver's license numbers, and medical record numbers were exposed during this attack, which went undetected for almost a month.

A notice issued to affected individuals stated that the healthcare provider noticed signs of a break-in on March 4, and came to learn that it began on February 15.

Further east, Retina Group of Florida reported itself to individual state attorneys general and the Department for Health and Human Services on September 16, admitting to its own attack that affected 153,429.

In letters sent to affected clients, the group redacted the types of information involved. However, law firm Levi & Korsinsky, which is investigating the case for a potential lawsuit, said that impacted data may include sensitive personal and protected health information.

Retina, which operates 22 locations on Florida's east, west, and gulf coasts, said that the intrusion was detected on November 9, 2024, and occurred three days earlier.

The leakiest of all three breaches was at Medical Associates of Brevard (MAB), also located in the Sunshine State.

MAB did not specify when its attack took place, or when it was detected, only that it identified the affected individuals on July 7 and that they will receive a letter informing them of the breach soon, if they have not already.

A copy of the letter [PDF] was posted to its website, revealing that names, dates of birth, driver's license/state ID numbers, social security numbers, medical treatment information, and health insurance information were affected.

For a limited number of the total 246,711 people impacted, financial account information may also have been exposed.

All 855,787 people, across the three attacks, were offered the usual credit monitoring and identity protection services, as is typical in US data breach cases.

Three significantly damaging attacks on US healthcare organizations, all reported within the same week, serve as the latest reminder of the continued focus cyberattackers have on the sector.

None of the organizations said that their respective intrusions affected the delivery of healthcare services. However, the same can't be said for others in similar situations.

What happened to Change Healthcare in 2024 is perhaps the most poignant example of the impact a cyberattack can have. 

Affiliates working for the now-shuttered ALPHV ransomware group carried out the attack, which was later blamed on parent company UnitedHealth's "egregious negligence" toward cybersecurity.

The data raid phase of the attack affected a substantial proportion of Americans – around 100 million of them – and the financial impact on the company's suppliers was immense.

Within a year, per UnitedHealth's earnings reports, the costs related to cleaning up the attack rose to more than $2 billion.

The issue is also not isolated to the US. Later that year, Qilin's ransomware attack on London hospitals caused severe delays to pathology services, which had a knock-on effect on other areas of healthcare delivery, including cancer surgeries, and later led to a confirmed death.

The group told The Register it had no regrets for what it did.

Various NHS Trusts have been affected by cyberattacks to varying degrees in recent years, with attackers showing little remorse, even when targeting children's hospitals. ®
