A former Nuance employee has been arrested after Geisinger, a Pennsylvania Healthcare Provider, experienced a data breach which exposed 1.2 million records. The former employee had accessed certain Geisinger patient information two days after the employee had been terminated, according to the company incident notice. The information that was potentially accessed and stolen included names, addresses, dates of birth, phone numbers, race, gender, admit and discharge or transfer codes, and medical record numbers.
Chad McDonald, CISO and COO, Radiant Logic had this to say:
“Insider threats can quickly take hold of organizations if identity data and access rights are not properly managed and monitored. As seen with the Nuance breach, all it took was two days of an ex-employee’s access rights not being changed for the company and individual consumers to face extreme consequences. By utilizing modern day solutions to automate user access reviews and management, organizations can handle these situations urgently and with the precision needed to avoid dire situations.”
This sort of situation happens more often than you realize. I’ve seen a number of situations where one disgruntled employee causes a nightmare situation for an organization. What makes this situation a bit different is that this employee was outside the organization that got pwned. Thus organizations should consider this situation a cautionary tale.
Related
This entry was posted on July 9, 2024 at 8:14 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Former Nuance employee arrested After Geisinger data breach
A former Nuance employee has been arrested after Geisinger, a Pennsylvania Healthcare Provider, experienced a data breach which exposed 1.2 million records. The former employee had accessed certain Geisinger patient information two days after the employee had been terminated, according to the company incident notice. The information that was potentially accessed and stolen included names, addresses, dates of birth, phone numbers, race, gender, admit and discharge or transfer codes, and medical record numbers.
Chad McDonald, CISO and COO, Radiant Logic had this to say:
“Insider threats can quickly take hold of organizations if identity data and access rights are not properly managed and monitored. As seen with the Nuance breach, all it took was two days of an ex-employee’s access rights not being changed for the company and individual consumers to face extreme consequences. By utilizing modern day solutions to automate user access reviews and management, organizations can handle these situations urgently and with the precision needed to avoid dire situations.”
This sort of situation happens more often than you realize. I’ve seen a number of situations where one disgruntled employee causes a nightmare situation for an organization. What makes this situation a bit different is that this employee was outside the organization that got pwned. Thus organizations should consider this situation a cautionary tale.
Share this:
Like this:
Related
This entry was posted on July 9, 2024 at 8:14 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.