Request Demo

News Coverage

2.65 Million Records Exposed in Atrium Health Breach

down-arrow

Another massive data breach announcement has made headline, this time for healthcare and wellness program provider Atrium Health, formerly known as Carolinas HealthCare Systems, according to a joint announcement from Atrium Health and AccuDoc.

After one of its third-party vendors, AccuDoc Solutions, was hacked, Atrium Health announced that approximately 2.65 million patient records were potentially compromised. The data possibly compromised includes patient insurance policy information, medical record numbers, invoice numbers, addresses, dates of birth and social security numbers.

“Third-party risk management isn't just a security problem anymore. These issues are making their way up to the board because higher levels of risk deter business success and growth,” said George Wrenn, CEO and founder, CyberSaint Security.

“Every stakeholder should have easily accessible visibility into where risks lie within any given vendor list and should be able to have the insights from that information to take meaningful action. There needs to be a better way to manage the growing risk that comes with expanding businesses."

According to the news release, though, AccuDoc and Atrium Health did take meaningful action. Once AccuDoc discovered that a malicious actor had gained unauthorized access, it launched a forensic investigation and “took steps to secure its affected databases and enhance its security control...and informed Atrium Health of the incident on October 1, 2018."

The company continues to monitor its systems for any anomalous activity. AccuDoc also noted that it currently does not have any evidence that any personal information was taken from its systems.

Atrium Health has its own forensic investigator conducting an independent review of the incident. Both companies have been in contact with the FBI. 

“Just when we thought things might be improving in healthcare data security, the Atrium Health Breach repositions 2018 as a record year for healthcare cyber attackers. Healthcare security, both on-premise and in the cloud, has not caught up with best practices and likely won’t do so anytime soon,” said Pravin Kothari, CEO of CipherCloud.

First posted on infosecurity-magazine.com

You may also like

CyberSaint Releases Governance ...
on July 9, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, the developer of the industry’s leading platform for automated, intelligent risk and compliance, today announced the general ...

Downgrade Of Equifax By Moody’s ...
on May 28, 2019

In response to this week’s downgrade by Moody’s of Equifax as a result of its 2017 massive breach of consumer data, six cybersecurity and risk experts offer perspective on this ...

Insights from Verizon’s 2019 Data ...
on May 9, 2019

$40 million stolen from the Binance cryptocurrency exchange yesterday by cybercriminals. Hackers infiltrating hundreds of Amazon merchant accounts late last year. The ongoing ...

CyberSaint Introduces First ...
on April 16, 2019

New CyberStrong™ integrated risk management platform capabilities deliver actionable vulnerability intelligence, single sign-on (SSO), various hosting options, and customer-facing ...

Should There Be ‘Safe Harbor’ ...
on February 20, 2019

Sometimes, you do the best you can, but things happen anyway. You follow all the best practices, all your systems are locked down, you spend twice as much as your peers on ...

Data Center Knowledge
CyberStrong Integrated Risk ...
on February 19, 2019

BOSTON--(BUSINESS WIRE)--CyberSaint Security, a cybersecurity software firm that powers automated, intelligent compliance and risk management, today announced that the company ...