"Data Breach at Shields Health Care Group Impacts 2 Million Patients"

Shields Health Care Group has recently informed roughly two million individuals of a cybersecurity incident that potentially impacted their personal data.  Shields Health Care Group is located in Massachusetts and provides management and imaging services to more than 50 healthcare partners and facilities throughout New England.  The company noted that the incident was identified on March 28, 2022, but the intrusion actually happened between March 7 and March 21.  The company stated that although a security alert was triggered on March 18, they did not find evidence of an intrusion at that time.  However, the current investigation showed that a third-party had unauthorized access to certain types of data.  Potentially impacted information includes full names, addresses, birth dates, Social Security numbers, diagnosis, billing information, provider details, insurance number and information, patient ID, medical record number, and other medical data.  The company stated that it secured the impacted systems immediately after learning of the incident and launched an investigation to determine the full scope of the breach.  In late May, the company informed the US Department of Health and Human Services (HHS) that the breach affected two million patients.  

SecurityWeek reports: "Data Breach at Shields Health Care Group Impacts 2 Million Patients"