US Healthcare Provider Fails To Protect Customer Data

Uploaded on 2024-10-01 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The radiology information systems provider Specialty Networks located in Tenesse has only now disclosed that the data security incident it suffered in December 2023 compromised the sensitive personal information of more than 400,000 US individuals.

“The investigation revealed that on or around December 11, 2023, an unauthorised actor acquired certain data stored within Specialty Networks’ systems... " it said in a statement.

The healthcare service provider launched an investigation at the time, with assistance from external cyber security experts, to determine the nature and scope of the incident, took steps to secure the affected systems and notified relevant law enforcement including the FBI. “Specialty Networks then undertook a comprehensive review of the potentially impacted data and, on May 31, 2024, determined that certain personal and/or protected health information may have been involved,” said Specialty Networks.

While the statement didn’t state the number of affected people, a filing with the US Department of Health and Human Services Office for Civil Rights said that at least 411,037 individuals were impacted by the incident.

The compromised data included names, dates of birth, driver’s licence numbers, Social Security numbers, medical record numbers, treatment and condition information, diagnoses, medications, and health insurance information. Specialty Network has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered provide a free  identity protection and credit monitoring services through IDX to all affected individuals. “Specialty Networks takes the security and privacy of personal information in its possession very seriously and has taken additional steps to prevent a similar event from occurring in the future,” the company said.

This offer, which has been made 9 months after the original beach was detected and 6 moths after ther investigation determined the full extent of the breach, may come as little comfort to customers who have been exposed to the risk of identity theft and other crimes in the intervening period. 

Specialty Networks   |   Specialty Networks   |    TEISS   |   DHHS   |   PR Newswire  |    

Image: Curated Lifestyle

You Might Also Read: 

US Healthcare Firm Loses 22GB of Data:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« EC-Council Unleashes AI-Powered Ethical Hackers On Cybercrime
Meta To Use Facebook & Instagram Posts To Develop AI Tools »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Volexity

Volexity

Volexity is a leading provider of threat intelligence and incident suppression services and solutions.

Intuity

Intuity

The Intuity suite of services provides companies with a complete awareness of their security status and helps them in an efficient, efficient and sustainable improvement process.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

Computer Network Defence (CND)

Computer Network Defence (CND)

Computer Network Defence (CND) are a Broad-Spectrum Cyber Security Consultancy and Recruitment Agency.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

Casepoint

Casepoint

Casepoint is the legal technology platform of choice for corporations, government agencies, and law firms to meet their complex eDiscovery, investigations, and compliance needs.

Chestnut Hill Technologies (CHT)

Chestnut Hill Technologies (CHT)

CHT provide Best Practices IT Cybersecurity and Technology Solutions and Consulting Support to the Mid Cap through Fortune 1000 Nationwide.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

RightCue Assurance

RightCue Assurance

RightCue Assurance identify opportunities for improvement in the Information Security for your organisation and work with you to reduce cyber risk.

Abissi

Abissi

Abissi offer cyber intelligence, IoT security, automotive security, red teaming, application security and artificial intelligence security services, with a focus on security by design.

CertX

CertX

CertX is a Swiss functional safety, cybersecurity and artificial intelligence certification body.

Teal

Teal

Teal provides exceptional managed IT solutions for small- to medium-sized organizations that value real partnerships and elevated security.