"Recent Breaches Underscore High Healthcare Security Risk"

Two recently disclosed attacks that targeted providers in California and Arizona further suggest that healthcare organizations are at a high security risk. On August 24, 2021, California-based LifeLong Medical Care started notifying individuals that their data was affected by a ransomware attack against Netgain, a third-party vendor that provides services to healthcare providers. According to LifeLong's report to the Department of Health and Human Services (DHHS), the ransomware attack affected 115,448 people. Netgain's investigation found that certain files were accessed or obtained without authorization. LifeLong's review of the stolen files' contents revealed that they contained sensitive information, including full names, Social Security numbers, birth dates, patient cardholder numbers, diagnoses, and more. In a separate incident, Arizona-based Desert Wells Family Medicine was hit with ransomware that led to the corruption of data. An investigation of the incident revealed that the affected data may have included patients' names in combination with their address, date of birth, Social Security number, driver's license number, patient account number, clinical treatment notes, and other sensitive information.  This article continues to discuss two separate attacks against healthcare organizations in California and Arizona, and the high costs faced by midsize healthcare organizations compared to larger organizations. 

Dark Reading reports "Recent Breaches Underscore High Healthcare Security Risk"