Ransomware attack at Practicefirst, exposing personal information

 https://healthitsecurity.com/news/healthcare-ransomware-attack-targets-practice-management-vendor

CallX-information-leaked-from-unsecured-AWS-S3-bucket-img2

Risk to Business: 2.223=Severe
Practicefirst announced that a 2020 healthcare ransomware attack may have exposed personally identifiable information (PII) of patients and employees. The service provider specializes in medical billing, coding, credentialing, bookkeeping, and practice management solutions. When they detected suspicious activity on December 30th, 2020, they shut down all systems, changed passwords and notified authorities but not before the bad guys scooped up data.

CallX-information-leaked-from-unsecured-AWS-S3-bucket-img2

Risk to Business: 2.201=Severe
Practicefirst disclosed that patient and employee information has been impacted including birthdates, names, addresses, driver’s license numbers, Social Security numbers, email addresses and tax identification numbers employee usernames and passwords, bank account information. Other data that may have been stolen is primarily treatment-focused like diagnoses, lab and treatment information, medication information and health insurance identification.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Clients and employees won’t be happy about having this kind of personal information stolen – and neither will the Department of Health and Human Services.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


3 Essential Types Of Cyber Security Your Business Must HaveCLICK HERE!
+ +