360,000 Are Impacted By Medical Billing Firm Medusind Breach

Healthcare organization Medusind is notifying 360,934 individuals of a data breach that exposed their personal and health information over a year ago.

The Miami-based company operates 12 locations in the US and India, and it also provides revenue cycle management services to over 6,000 healthcare providers.

Medusind says it took systems offline after it spotted suspicious activity on its network in December 2023.

Through its investigation, the company found evidence that a “cybercriminal may have obtained a copy of certain files containing your personal information.”

Documents exposed may include the following data types:

  • Health insurance information
  • Payment information
  • Medical history
  • Medical record number
  • Prescription information
  • Social Security number
  • Taxpayer ID
  • Driver’s license
  • Passport number
  • Date of birth
  • Email
  • Address
  • Phone number

This notification comes after the U.S. Department of Health and Human Services proposed updates to HIPAA in late December 2024 to secure patients’ health data, following a surge in significant healthcare breaches such as the Ascension breach, which impacted 5.6 million people, and the UnitedHealth breach, which impacted 100 million.

Emily Phelps, Director, Cyware, had this to say:

  “The healthcare sector remains one of the most critical industries to secure, given the sensitivity of the data it holds, and the devastating impact breaches can have on individuals and organizations. Effective threat intelligence management is vital to identifying and mitigating risks before they escalate, helping healthcare organizations strengthen their defenses against increasingly ubiquitous cyber threats. Operationalizing this intelligence can enable faster detection and response to potential breaches. Moreover, fostering collective defense through trusted information-sharing partnerships ensures that organizations can work together to anticipate, address, and mitigate emerging threats.”

Lawrence Pingree, VP, Dispersive, follows up with this:

  “If the company was using a programmable Universal Zero Trust Network access solution, they could more rapidly isolate key systems through automation and orchestration products in the SOC, reducing the blast radius of attacks. While there is no silver bullet, defense in depth in security still applies, as does centralization risk.”

We’re only 10 days into the new year and we already have a big healthcare breach. This isn’t good, as 2025 appears to be starting off the way that 2024 ended, which means that we have a long year ahead of us unless substantial changes are made now.
