US Healthcare Provider Fails To Protect Customer Data

The radiology information systems provider Specialty Networks located in Tenesse has only now disclosed that the data security incident it suffered in December 2023 compromised the sensitive personal information of more than 400,000 US individuals.

“The investigation revealed that on or around December 11, 2023, an unauthorised actor acquired certain data stored within Specialty Networks’ systems... " it said in a statement.

The healthcare service provider launched an investigation at the time, with assistance from external cyber security experts, to determine the nature and scope of the incident, took steps to secure the affected systems and notified relevant law enforcement including the FBI. “Specialty Networks then undertook a comprehensive review of the potentially impacted data and, on May 31, 2024, determined that certain personal and/or protected health information may have been involved,” said Specialty Networks.

While the statement didn’t state the number of affected people, a filing with the US Department of Health and Human Services Office for Civil Rights said that at least 411,037 individuals were impacted by the incident.

The compromised data included names, dates of birth, driver’s licence numbers, Social Security numbers, medical record numbers, treatment and condition information, diagnoses, medications, and health insurance information. Specialty Network has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered provide a free  identity protection and credit monitoring services through IDX to all affected individuals. “Specialty Networks takes the security and privacy of personal information in its possession very seriously and has taken additional steps to prevent a similar event from occurring in the future,” the company said.

This offer, which has been made 9 months after the original beach was detected and 6 moths after ther investigation determined the full extent of the breach, may come as little comfort to customers who have been exposed to the risk of identity theft and other crimes in the intervening period. 

Specialty Networks   |   Specialty Networks   |    TEISS   |   DHHS   |   PR Newswire  |    

Image: Curated Lifestyle

You Might Also Read: 

US Healthcare Firm Loses 22GB of Data:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« EC-Council Unleashes AI-Powered Ethical Hackers On Cybercrime
Meta To Use Facebook & Instagram Posts To Develop AI Tools »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Continuum

Continuum

Continuum is the IT management platform company that allows Managed IT Services Providers to maintain and back up on-premise and cloud-based servers, desktops, mobile devices and other endpoints

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Korea Information Security Industry Association (KISIA)

Korea Information Security Industry Association (KISIA)

KISIA is a non-profit organization for the information security industry in Korea.

Cybersecurity Credentials Collaborative (C3)

Cybersecurity Credentials Collaborative (C3)

C3 provides a forum for collaboration among vendor-neutral information security and privacy and related IT disciplines certification bodies.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Radically Open Security

Radically Open Security

Radically Open Security is the world's first not-for-profit computer security consultancy company.

Recovery Point Systems

Recovery Point Systems

Recovery Point is a leading national provider of IT secure and compliant infrastructure and business resilience services.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Google for Startups

Google for Startups

Google for Startups is Google’s initiative to help startups thrive across every corner of the world.

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

3i Infotech

3i Infotech

3i Infotech offers consulting & professional services to assess, design and build next gen IT infrastructure, and managed services to operate, optimize and continuously improve.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.