Healthcare Org Data Breach Impacts 2 Million Users

by | Jun 9, 2022 | Blogs

Shields Health Care Group, Inc. reported this week that it is investigating a data breach which may have impacted 56 healthcare facilities and the patients of those facilities.

According to an official statement Shields posted, it became aware of suspicious activity on March 28 and immediately launched an investigation to determine the full nature and scope of the incident.

Working with third-party forensic specialists, the healthcare organization determined that “an unknown actor” gained access to certain systems between March 7 and March 21. The investigation also found that the unknown actor acquired certain data during that time.

At this time, Shields has found no evidence that the information from this incident was used to commit identity theft or fraud, but the information potentially impacted could include:

  • Full names
  • Social Security numbers
  • Dates of birth
  • Home addresses
  • Provider information
  • Diagnosis
  • Billing information
  • Insurance number and information
  • Medical record number
  • Patient ID
  • And other medical or treatment information.

Shields continues to review the impacted data.

Upon discovering the breach, Shields moved to secure their systems and conducted an investigation to confirm the nature, scope, and data affected.

“We continue to review and further enhance protections as part of our ongoing commitment to data security,” Shields says in the organization’s official statement. Federal law enforcement has been notified, and Shields will report the incident to relevant state and federal regulators as well.

Upon completion of review, Shields says they will directly notify impacted individuals where possible so those patients and other individuals can take steps to further protect their information.

Shields encourages impacted individuals to review best practices for protecting their personal information. NBC Boston offers a full list of Shields partner facilities that may be impacted or involved in this data breach.

2 million impacted by data breach.

Horizon3.ai knows the challenges of healthcare security

It’s established that patient records and information are high value targets for criminals. All organizations need to be aware that compromised credentials, unpatched or poorly patched devices, or misconfigured servers can put patient information at risk

NodeZero’s autonomous penetration testing gives you the attacker’s perspective when assessing your own cybersecurity, collecting reconnaissance, identifying weaknesses, and chaining together attacks to exploit a system, identifying ways an attacker steal PHI or execute ransomware attacks.

Read more on how we help healthcare organizations. 

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.