US Healthcare Provider Fails To Protect Customer Data

The radiology information systems provider Specialty Networks located in Tenesse has only now disclosed that the data security incident it suffered in December 2023 compromised the sensitive personal information of more than 400,000 US individuals.

“The investigation revealed that on or around December 11, 2023, an unauthorised actor acquired certain data stored within Specialty Networks’ systems... " it said in a statement.

The healthcare service provider launched an investigation at the time, with assistance from external cyber security experts, to determine the nature and scope of the incident, took steps to secure the affected systems and notified relevant law enforcement including the FBI. “Specialty Networks then undertook a comprehensive review of the potentially impacted data and, on May 31, 2024, determined that certain personal and/or protected health information may have been involved,” said Specialty Networks.

While the statement didn’t state the number of affected people, a filing with the US Department of Health and Human Services Office for Civil Rights said that at least 411,037 individuals were impacted by the incident.

The compromised data included names, dates of birth, driver’s licence numbers, Social Security numbers, medical record numbers, treatment and condition information, diagnoses, medications, and health insurance information. Specialty Network has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered provide a free  identity protection and credit monitoring services through IDX to all affected individuals. “Specialty Networks takes the security and privacy of personal information in its possession very seriously and has taken additional steps to prevent a similar event from occurring in the future,” the company said.

This offer, which has been made 9 months after the original beach was detected and 6 moths after ther investigation determined the full extent of the breach, may come as little comfort to customers who have been exposed to the risk of identity theft and other crimes in the intervening period. 

Specialty Networks   |   Specialty Networks   |    TEISS   |   DHHS   |   PR Newswire  |    

Image: Curated Lifestyle

You Might Also Read: 

US Healthcare Firm Loses 22GB of Data:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« EC-Council Unleashes AI-Powered Ethical Hackers On Cybercrime
Meta To Use Facebook & Instagram Posts To Develop AI Tools »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

OneLogin

OneLogin

OneLogin simplifies identity management with secure, one-click access,for employees, customers and partners, through all device types, to all enterprise cloud and on-premise applications.

Leibniz-Rechenzentrum (LRZ)

Leibniz-Rechenzentrum (LRZ)

The LRZ supports ground-breaking research and teaching in a wide range of scientific disciplines including information security and data protection.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Pindrop Security

Pindrop Security

Pindrop solutions are leading the way to the future of voice by establishing the standard for security, identity, and trust for every voice interaction.

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

Viettel Cyber Security

Viettel Cyber Security

Viettel Cyber Security is an organization under the Military Telecommunication Industry Group, conducting research and developing information security solutions for domestic and foreign customers.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

CFTS

CFTS

CFTS 'Computer Facilities Technical Services' is a Ugandan ICT Support Company that specialises in infrastructure and support services including network security.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Jericho Security

Jericho Security

Jericho Security is on a mission to defend the world from the new threats of generative AI cyber attacks.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.