Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


2 Million Patients Impacted by a Cyberattack on a Healthcare Organization

Massachusetts-based Shields Health Care group was notified of suspicious activity that may have led to a data compromise. Following an investigation, it was discovered that a threat actor had unlawfully accessed Shields systems between March 7 and March 21 of this year. A representative of Shields stated the organization notified federal law enforcement upon the discovery of the intrusion and would notify any individuals who may have been impacted. Shields reported the attack to the US Department of Health and Human Services Office for Civil Rights, saying 2 million people might have been impacted. The types of patient data that may have been accessed includes name, Social Security number, date of birth, home address, provider information, diagnosis, billing information, insurance number and information, medical record number, patient ID, and other medical or treatment information. Shields found no evidence of identity theft or fraud but urged patients to review their security guidance.

Analyst Notes

Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage, but also compromise safety if there is misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen. Change and strengthen any online logins and implement multi-factor authentication. Asking the insurance provider for copies of claims and carefully reviewing explanation of benefits notices can reveal if a patient’s identity has been used fraudulently. This might also show if inaccurate health and medical information is present in the patient’s records. Lastly, financial and credit accounts should be monitored closely, because sometimes medical insurance information is used to commit other forms of financial fraud. Placing a credit freeze on file with the credit bureaus and notifying banks or other financial institutions is helpful to prevent fraud when identity theft is suspected.