Data of 2 million Patients Leaked Due to Hack Shields Health Care Group

US company Shields Health Care Group, which specializes in MRI and PET/CT diagnostic imaging, radiology and outpatient surgical services, leaked the data of approximately two million people as hackers compromised its systems.

The company’s official statement says that the attack was discovered on March 28, 2022, after which Shields Health Care Group hired cybersecurity specialists to investigate the incident.

Let me remind you that we also wrote that 38 Million User Records Leaked Due to Misconfiguration of Microsoft Power Apps, and also let’s remember the old scandal that Phone numbers of 419 million Facebook users leaked to the Network.

The study of the logs showed that hackers had access to the company’s systems from March 7, 2022 to March 21, 2022 and could access data containing the following information about patients:

  1. full name;
  2. social security number;
  3. date of birth;
  4. home address;
  5. information about the insurance company;
  6. diagnosis;
  7. payment information;
  8. insurance number and information;
  9. medical card number;
  10. patient ID;
  11. other medical or treatment information.

Unfortunately, the data listed can be used for social engineering, phishing, scams, and even extortion, as such data is considered extremely sensitive.

Experts note that Shields Health Care Group’s business model is based on partnerships with hospitals and medical centres, that is, the consequences of the incident can be far-reaching and affect a total of 56 medical institutions and their patients.

Although the company itself has no direct relationship with the victims, they must be notified directly when the investigation into the incident is completed. In the meantime, Shields Health Care Group has notified federal law enforcement and relevant state regulators of the incident.

Shields Health Care Group said there is no evidence so far that any of the stolen information was misused or distributed through illegal channels. However, it may still be too early for the public distribution of the stolen data.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button