US Healthcare Provider Fails To Protect Customer Data

The radiology information systems provider Specialty Networks located in Tenesse has only now disclosed that the data security incident it suffered in December 2023 compromised the sensitive personal information of more than 400,000 US individuals.

“The investigation revealed that on or around December 11, 2023, an unauthorised actor acquired certain data stored within Specialty Networks’ systems... " it said in a statement.

The healthcare service provider launched an investigation at the time, with assistance from external cyber security experts, to determine the nature and scope of the incident, took steps to secure the affected systems and notified relevant law enforcement including the FBI. “Specialty Networks then undertook a comprehensive review of the potentially impacted data and, on May 31, 2024, determined that certain personal and/or protected health information may have been involved,” said Specialty Networks.

While the statement didn’t state the number of affected people, a filing with the US Department of Health and Human Services Office for Civil Rights said that at least 411,037 individuals were impacted by the incident.

The compromised data included names, dates of birth, driver’s licence numbers, Social Security numbers, medical record numbers, treatment and condition information, diagnoses, medications, and health insurance information. Specialty Network has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered provide a free  identity protection and credit monitoring services through IDX to all affected individuals. “Specialty Networks takes the security and privacy of personal information in its possession very seriously and has taken additional steps to prevent a similar event from occurring in the future,” the company said.

This offer, which has been made 9 months after the original beach was detected and 6 moths after ther investigation determined the full extent of the breach, may come as little comfort to customers who have been exposed to the risk of identity theft and other crimes in the intervening period. 

Specialty Networks   |   Specialty Networks   |    TEISS   |   DHHS   |   PR Newswire  |    

Image: Curated Lifestyle

You Might Also Read: 

US Healthcare Firm Loses 22GB of Data:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« EC-Council Unleashes AI-Powered Ethical Hackers On Cybercrime
Meta To Use Facebook & Instagram Posts To Develop AI Tools »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Cybero

Cybero

Cybero offers professional corporate cybersecurity training tailored to your business requirements.

MrLooquer

MrLooquer

MrLooquer provide a solution to automatically discover the assets of organizations on the internet, determine the level of exposure to attacks and help to manage risk accurately.

Founder Shield

Founder Shield

Founder Shield is a data driven insurance brokerage focused excusively on rapidly evolving high-growth companies.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

DataViper

DataViper

Data viper is a threat intelligence platform designed for organizations, investigators, and law enforcement.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

ATHENE National Research Center For Applied Cybersecurity

ATHENE National Research Center For Applied Cybersecurity

ATHENE is the largest research center for cybersecurity and privacy in Europe, conducting application-oriented top-level research for the benefit of the economy, society and the state.

ThrottleNet

ThrottleNet

ThrottleNet provides world-class managed IT services and cybersecurity to organizations in St. Louis and throughout Missouri.

Dion Training Solutions

Dion Training Solutions

Dion Training Solutions offer comprehensive training in areas such as project management, cybersecurity, agile methodologies, and IT service management.

Airlock Digital

Airlock Digital

Airlock Digital was created after many years of experience in implementing whitelisting/ allowlisting solutions in Federal Government and various enterprises in Australia.

Access Talent Today

Access Talent Today

Access Talent Today is an AI/ML and cyber security talent provider.