There’s one bright spot here in the fact that at least credit card data is being reported as being ok as well as the fact that no medical records data was accessed, but the attackers did get social security numbers as well as addresses and phone numbers. It depends on what type of queries the hacker runs to identify additional information and yet that could be done, and again it depends on how much money can be made for those additional types of efforts. It’s all about selling data for money today.
This happened back in April and we are now just hearing about it. Recently in the news, Community Health just agreed to pay $98 million to settle charges for systematically over admitting patients. The malware has now been removed from the system.
Here’s more folks that will get identity theft protection services for a year and I wonder how long that business will be able to protect our data at the rate breaches are occurring today. Again it comes back to once again, selling data and the epidemic in the US is sadly alive and well to the point to where like this case, even those outside the US want access to sell our data. The US built this system of data for nothing and profits for free you could say. BD
Could You Imagine a World With Stock Brokers, Real Estate Brokers, Etc. Not Having to Be Licensed? How Would We Know Who They Are? Data Sellers Need To Be Licensed Too, So We Know Who They Are..
The company said it is notifying affected patients and regulatory agencies as required by law. The data transferred, which was nonmedical patient identification data related to the company's physician practice operations, affected about 4.5 million individuals who were referred for or received services from company-affiliated physicians in the last five years. The data includes patient names, addresses, birth dates, telephone numbers and social security numbers, but not patient credit card, medical or clinical information. Community Health Systems said it would offer identity-theft protection services to those affected by the attack.
The intruder has typically sought valuable intellectual property, such as medical device and equipment development data, according to federal authorities and cybersecurity firm Mandiant, the company said.