First Choice Community Healthcare – based out of Albuquerque, New Mexico – has suffered a data breach. The healthcare provider became aware of the breach on March 27th, which subsequently led to an investigation that was carried out on June 3rd. The investigation revealed that information such as names, Social Security numbers, First Choice patient ID numbers, diagnosis and clinical treatment information, medications, dates of service, health insurance information, medical record numbers, patient account numbers, dates of birth, and provider information was exposed. Those who were affected have been notified. A portion of the August 1st press release made by First Choice reads, “The privacy and protection of personal and protected health information is our top priority, and First Choice deeply regrets any inconvenience or concern this incident may cause.”
Analyst Notes
Adopting a defense-in-depth strategy moving forward will benefit First Choice in the long run. Requiring 2FA, forced password resets, and implementing strong anti-virus software should be considered. It has not been revealed whether this breach has been attributed to any specific threat group or actor, but more information may be released soon. Any unauthorized activity noticed by affected parties should be reported to First Choice as well as the appropriate law enforcement groups. Healthcare information can be sold to other digital criminals and used to carry out medical identity theft, digital identity theft, or credit fraud. This can lead to many disruptive issues for those who have their information used illegally. It is important to stay vigilant moving forward after an incident like this. Since protected information such as Social Security information was included in the breach, affected parties should reach out to First Choice about identity monitoring services.
Source:
https://www.beckershospitalreview.com/cybersecurity/first-choice-patients-data-compromised-in-breach.html
