US company Shields Health Care Group, which specializes in MRI and PET/CT diagnostic imaging, radiology and outpatient surgical services, leaked the data of approximately two million people as hackers compromised its systems.
The company’s official statement says that the attack was discovered on March 28, 2022, after which Shields Health Care Group hired cybersecurity specialists to investigate the incident.Let me remind you that we also wrote that 38 Million User Records Leaked Due to Misconfiguration of Microsoft Power Apps, and also let’s remember the old scandal that Phone numbers of 419 million Facebook users leaked to the Network.
The study of the logs showed that hackers had access to the company’s systems from March 7, 2022 to March 21, 2022 and could access data containing the following information about patients:
- full name;
- social security number;
- date of birth;
- home address;
- information about the insurance company;
- diagnosis;
- payment information;
- insurance number and information;
- medical card number;
- patient ID;
- other medical or treatment information.
Unfortunately, the data listed can be used for social engineering, phishing, scams, and even extortion, as such data is considered extremely sensitive.
Experts note that Shields Health Care Group’s business model is based on partnerships with hospitals and medical centres, that is, the consequences of the incident can be far-reaching and affect a total of 56 medical institutions and their patients.
Although the company itself has no direct relationship with the victims, they must be notified directly when the investigation into the incident is completed. In the meantime, Shields Health Care Group has notified federal law enforcement and relevant state regulators of the incident.
User Review
( votes)
