In an undated notice on its website, WebTPA has reported it was the victim of a “data security incident” last year that may have impacted 2,429,175 people.
Texas-based WebTPA, a company that provides administrative services to health benefit plans and insurance companies, says an investigation launched in late last year revealed that an “unauthorized actor may have obtained personal information between April 18 and April 23, 2023.”
On May 8, WebTPA told the federal Department of Health and Human Services that the exposed information is different depending on the individual, and data may include:
- Name
- Contact information
- Date of birth
- Date of death
- Social Security number
- Insurance information
Company President Lisa Tranberg said that “financial information, such as financial account information or credit card numbers, and treatment or diagnostic information were not impacted.”
The announcement comes amidst the global healthcare disruption of the Change Healthcare breach and, more recently, the attack on the Ascension hospital chain and Australian prescriptions company MediSecure.
BullWall Executive, Carol Volk had this to say:
“It’s no longer up for debate, assume you will be hacked and breached and that your data will be stolen, held for ransom or destroyed. Your only option is to be prepared. Every organization with valuable data, which means every one of us, must have in place, in addition to sophisticated EDR defense and backup methods, a comprehensive ransomware containment solution. The focus must be to protect, not just detect. When attackers breach the walls, they must not be allowed into the vault.”
This is good advice as we’re in a place now where it’s not if, but when you’re going to get pwned by hackers. Thus you have to shift from not just trying to keep the bad guys out, but containment if they do get in.
Related
This entry was posted on May 21, 2024 at 7:53 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
WebTPA Discloses 2023 Breach Impacting Over 2.4 Million
In an undated notice on its website, WebTPA has reported it was the victim of a “data security incident” last year that may have impacted 2,429,175 people.
Texas-based WebTPA, a company that provides administrative services to health benefit plans and insurance companies, says an investigation launched in late last year revealed that an “unauthorized actor may have obtained personal information between April 18 and April 23, 2023.”
On May 8, WebTPA told the federal Department of Health and Human Services that the exposed information is different depending on the individual, and data may include:
Company President Lisa Tranberg said that “financial information, such as financial account information or credit card numbers, and treatment or diagnostic information were not impacted.”
The announcement comes amidst the global healthcare disruption of the Change Healthcare breach and, more recently, the attack on the Ascension hospital chain and Australian prescriptions company MediSecure.
BullWall Executive, Carol Volk had this to say:
“It’s no longer up for debate, assume you will be hacked and breached and that your data will be stolen, held for ransom or destroyed. Your only option is to be prepared. Every organization with valuable data, which means every one of us, must have in place, in addition to sophisticated EDR defense and backup methods, a comprehensive ransomware containment solution. The focus must be to protect, not just detect. When attackers breach the walls, they must not be allowed into the vault.”
This is good advice as we’re in a place now where it’s not if, but when you’re going to get pwned by hackers. Thus you have to shift from not just trying to keep the bad guys out, but containment if they do get in.
Share this:
Like this:
Related
This entry was posted on May 21, 2024 at 7:53 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.