Request Demo

News Coverage

2.65 Million Records Exposed in Atrium Health Breach

down-arrow

Another massive data breach announcement has made headline, this time for healthcare and wellness program provider Atrium Health, formerly known as Carolinas HealthCare Systems, according to a joint announcement from Atrium Health and AccuDoc.

After one of its third-party vendors, AccuDoc Solutions, was hacked, Atrium Health announced that approximately 2.65 million patient records were potentially compromised. The data possibly compromised includes patient insurance policy information, medical record numbers, invoice numbers, addresses, dates of birth and social security numbers.

“Third-party risk management isn't just a security problem anymore. These issues are making their way up to the board because higher levels of risk deter business success and growth,” said George Wrenn, CEO and founder, CyberSaint Security.

“Every stakeholder should have easily accessible visibility into where risks lie within any given vendor list and should be able to have the insights from that information to take meaningful action. There needs to be a better way to manage the growing risk that comes with expanding businesses."

According to the news release, though, AccuDoc and Atrium Health did take meaningful action. Once AccuDoc discovered that a malicious actor had gained unauthorized access, it launched a forensic investigation and “took steps to secure its affected databases and enhance its security control...and informed Atrium Health of the incident on October 1, 2018."

The company continues to monitor its systems for any anomalous activity. AccuDoc also noted that it currently does not have any evidence that any personal information was taken from its systems.

Atrium Health has its own forensic investigator conducting an independent review of the incident. Both companies have been in contact with the FBI. 

“Just when we thought things might be improving in healthcare data security, the Atrium Health Breach repositions 2018 as a record year for healthcare cyber attackers. Healthcare security, both on-premise and in the cloud, has not caught up with best practices and likely won’t do so anytime soon,” said Pravin Kothari, CEO of CipherCloud.

First posted on infosecurity-magazine.com

You may also like

Booz Allen 2019 Cyber Threat Report
on February 7, 2019

@BoozAllen @BoozAllenCyber #cybertrends #cybersecurity #cyber Find out the 8 ways threat actors can make waves in 2019 in the annual Booz Allen Cyber Threat Outlook Report: ...

It’s Time to Embrace Password ...
on February 7, 2019

Why Your Enterprise Needs Password Security Strategies Unfortunately, trusting employees to create strong passwords on their own may no longer serve as a tenable strategy. ...

Nearly Half Billion US Personal ...
on February 7, 2019

There’s good news and bad news about identity theft in 2018 according to a new report from the Identity Theft Resource Center (ITRC). The good news is the number of US data ...

News Insights: Millions Of Bank ...
on January 28, 2019

According to Colin Bastable, CEO, Lucy Security: “When US lenders offload our mortgages and loans to third parties, they offload the data too, and wash their hands of all ...

CyberSaint Security Announces ...
on January 28, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, a cybersecurity software firm that powers automated, intelligent compliance and risk management, today announced record-breaking ...

A Cybersecurity Compliance Crystal ...
on January 28, 2019

What Recent News Means for the Future The compliance landscape is changing, necessitating changes from the compliance profession as well. A team of experts from CyberSaint discuss ...

George Wrenn