Bad news if you’re a patient of McPherson Hospital, Inc. They has begun notifying over 19K patients of a recent data breach because of a ransomware attack. :
On May 4, 2023, McPherson Hospital, Inc. (“McPherson Center for Health”) filed a notice of data breach with the Maine Attorney General after learning that a ransomware attack resulted in confidential patient information being accessible to unauthorized parties. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, dates of birth, medical treatment information, medical billing information, and health insurance information. After confirming that consumer data was leaked, McPherson began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification from the McPherson Center for Health, it is essential you understand what is at risk and what you can do about it. As we’ve mentioned in previous posts, hackers have shown an increased interest in targeting healthcare providers. In large part, this is because these organizations provide hackers with a “one-stop shop” for all the information they need to commit identity theft and other frauds against victims. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the McPherson Hospital data breach, consider consulting with a data breach lawyer.
And:
News of the McPherson Hospital data breach is still fresh; however, what we know at this point comes from the company’s filing with the Maine Attorney General. According to this source, on July 12, 2022, McPherson Hospital learned that it had been the victim of a recent ransomware attack. In response, McPherson began working with third-party data security specialists to investigate the incident and determine what, if any, patient information was leaked.
Through this investigation, the McPherson Center for Health confirmed that the hackers were able to access certain files on the organization’s computer network and that some of these files contained confidential patient information.
Upon discovering that sensitive consumer data was made available to an unauthorized party, McPherson Hospital began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth, medical treatment information, medical billing information, and health insurance information.
Well, that’s not good if you’re the hospital in question as you can expect that there will be lawsuits incoming. Ani Chaudhuri, CEO, Dasera had this comment:
“It’s deeply concerning to see another healthcare provider, McPherson Hospital, Inc., fall victim to a ransomware attack, exposing sensitive patient data. As a data security professional, I empathize with the breached organization and the patients affected by this incident. Healthcare providers are becoming prime targets for cybercriminals due to the wealth of personal and medical information they hold.
Healthcare organizations must prioritize data security measures and invest in robust cybersecurity solutions to safeguard their valuable and sensitive patient data. A comprehensive data security approach should include continuous data access, usage, and sharing monitoring to identify and remediate risks in real-time. By implementing a solution that combines automated discovery, classification, and protection of sensitive information with advanced analytics and policy enforcement, healthcare providers can ensure that their patients’ data remains secure, compliant, and well-managed. A strong emphasis on data-centric security and collaboration between IT, security, and compliance teams will significantly reduce the likelihood of data breaches and the potential exposure of patients’ confidential information.
For the patients impacted by the McPherson Center for Health breach, taking immediate steps to mitigate the potential risks of identity theft and fraud is essential. This includes monitoring credit reports, placing fraud alerts on credit files, and staying vigilant for any suspicious activity related to personal information.
While McPherson Hospital has taken steps to investigate the breach and notify affected individuals, it serves as a stark reminder to all healthcare providers to continuously assess and improve their cybersecurity posture. Implementing multi-layered security strategies, including data encryption, access control, and network segmentation, can significantly reduce the risk of similar incidents in the future.
In an age where cyber threats are ever-evolving, it is vital for organizations across all industries, especially healthcare, to remain proactive and adaptive in their approach to data security.”
Healthcare providers need to get their “A game” in gear as threat actors pwning them has now become a bit of a sport with a very high payoff for the threat actors in question. This cannot be allowed to continue if this scourge of ransomware attacks is to be stopped.
Like this:
Like Loading...
Related
This entry was posted on May 7, 2023 at 8:29 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
McPherson Hospital Pwned In Ransomware Attack
Bad news if you’re a patient of McPherson Hospital, Inc. They has begun notifying over 19K patients of a recent data breach because of a ransomware attack. :
On May 4, 2023, McPherson Hospital, Inc. (“McPherson Center for Health”) filed a notice of data breach with the Maine Attorney General after learning that a ransomware attack resulted in confidential patient information being accessible to unauthorized parties. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, dates of birth, medical treatment information, medical billing information, and health insurance information. After confirming that consumer data was leaked, McPherson began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification from the McPherson Center for Health, it is essential you understand what is at risk and what you can do about it. As we’ve mentioned in previous posts, hackers have shown an increased interest in targeting healthcare providers. In large part, this is because these organizations provide hackers with a “one-stop shop” for all the information they need to commit identity theft and other frauds against victims. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the McPherson Hospital data breach, consider consulting with a data breach lawyer.
And:
News of the McPherson Hospital data breach is still fresh; however, what we know at this point comes from the company’s filing with the Maine Attorney General. According to this source, on July 12, 2022, McPherson Hospital learned that it had been the victim of a recent ransomware attack. In response, McPherson began working with third-party data security specialists to investigate the incident and determine what, if any, patient information was leaked.
Through this investigation, the McPherson Center for Health confirmed that the hackers were able to access certain files on the organization’s computer network and that some of these files contained confidential patient information.
Upon discovering that sensitive consumer data was made available to an unauthorized party, McPherson Hospital began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth, medical treatment information, medical billing information, and health insurance information.
Well, that’s not good if you’re the hospital in question as you can expect that there will be lawsuits incoming. Ani Chaudhuri, CEO, Dasera had this comment:
“It’s deeply concerning to see another healthcare provider, McPherson Hospital, Inc., fall victim to a ransomware attack, exposing sensitive patient data. As a data security professional, I empathize with the breached organization and the patients affected by this incident. Healthcare providers are becoming prime targets for cybercriminals due to the wealth of personal and medical information they hold.
Healthcare organizations must prioritize data security measures and invest in robust cybersecurity solutions to safeguard their valuable and sensitive patient data. A comprehensive data security approach should include continuous data access, usage, and sharing monitoring to identify and remediate risks in real-time. By implementing a solution that combines automated discovery, classification, and protection of sensitive information with advanced analytics and policy enforcement, healthcare providers can ensure that their patients’ data remains secure, compliant, and well-managed. A strong emphasis on data-centric security and collaboration between IT, security, and compliance teams will significantly reduce the likelihood of data breaches and the potential exposure of patients’ confidential information.
For the patients impacted by the McPherson Center for Health breach, taking immediate steps to mitigate the potential risks of identity theft and fraud is essential. This includes monitoring credit reports, placing fraud alerts on credit files, and staying vigilant for any suspicious activity related to personal information.
While McPherson Hospital has taken steps to investigate the breach and notify affected individuals, it serves as a stark reminder to all healthcare providers to continuously assess and improve their cybersecurity posture. Implementing multi-layered security strategies, including data encryption, access control, and network segmentation, can significantly reduce the risk of similar incidents in the future.
In an age where cyber threats are ever-evolving, it is vital for organizations across all industries, especially healthcare, to remain proactive and adaptive in their approach to data security.”
Healthcare providers need to get their “A game” in gear as threat actors pwning them has now become a bit of a sport with a very high payoff for the threat actors in question. This cannot be allowed to continue if this scourge of ransomware attacks is to be stopped.
Share this:
Like this:
Related
This entry was posted on May 7, 2023 at 8:29 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.