The Center for Neurological and Neurodevelopment secures accounts after breach
https://finance.yahoo.com/news/center-neurological-neurodevelopmental-health-notifies-223000719.html
Exploit: Phishing scam
The Center for Neurological and Neurodevelopment (CNNH): Healthcare provider
Risk to Small Business: 1.777 = Severe: Hackers gained access to an employee account containing patients’ protected health information. The unauthorized access lasted for more than a month, occurring between October 7, 2019 and November 22, 2019. In response, CNNH secured the account and hired a third-party forensics team to investigate the breach. However, the diagnosis is unlikely to be positive, and the company likely faces an expensive road ahead.
Individual Risk: 2 = Severe: The data breach doesn’t include all CNNH patients, but hackers did have access to patient data contained in the employee email account. This could include patient names, addresses, dates of birth, health insurance information, medical/patient record numbers, and treatment information. CNNH encourages all victims to closely monitor their accounts and insurance statements to check for fraudulent activity and to notify their insurance providers if they discover false charges.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: CNNH secured the account by resetting its credentials and is updating company-wide email standards by enabling two-factor authentication and updating employee training initiatives. These simple data security measures should be standard at every company, and they have to be implemented before a breach occurs. With the cost and consequences of a breach continually increasing, companies can’t afford to wait until it’s too late to take steps to protect their data.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
