Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


Data Breach at Third-Party Provider Exposes Medical Information of US Healthcare Patients

Unknown threat actors gained unauthorized access to Elekta, a cloud-based platform that handles legally required cancer reporting to the state of Illinois. The breach may have exposed the private medical information of patients at the Northwestern Memorial Healthcare (NMHC) facility in Chicago. In a statement issued by NMHC, the healthcare provider stated that an unauthorized individual gained access to Elekta systems between April 2 and April 20, 2021. The exposed information included patient names, Social Security numbers, health insurance information, medical record numbers, and clinical information related to cancer treatment such as medical history, physician names, diagnoses, and prescription information. NMHC was notified of the incident on 17 May 2021.

Analyst Notes

Although NMHC stated Elekta has no reason to believe that any of the data involved will be misused or made public, patients involved in the leak should still take steps to protect themselves. Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage, but also compromise safety if there’s misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen. Change and strengthen any online logins and implement multi-factor authentication. Asking the insurance provider for copies of claims and carefully reviewing explanation of benefits notices can reveal if a patient’s identity has been used fraudulently. This might show if inaccurate health and medical information is present in the patient’s records. Lastly, financial and credit accounts should be monitored closely, because sometimes medical insurance information is used to commit other forms of financial fraud. Placing a credit freeze on file with the credit bureaus and notifying banks or other financial institutions is helpful to prevent fraud when identity theft is suspected.