NTreatment, a health technology company that offers a cloud service for doctors to manage electronic medical records, accidently leaked thousands of patient records. The company stored 109,000 files in a cloud storage server hosted by Microsoft Azure. The files included patient records, doctor’s notes and lab results, yet none of the information was encrypted. NTreatment employees failed to add password protection to the data, exposing the medical records online and putting Protected Health Information (PHI) at risk. This incident comes after months of ransomware attacks on the healthcare industry and several warnings from federal agencies urging healthcare organizations to tighten up security protocols. NTreatment will notify affected healthcare providers and says it is unclear how the data was left exposed.
Threat actors can leverage stolen medical records to impersonate legitimate patients to commit various forms of fraud, including submitting fraudulent claims to health insurers without authorization. This could not only affect healthcare coverage, but also compromise safety if there’s misinformation on file that is needed for medical treatment. Anyone who may have been a victim of a medical data breach should get confirmation from their provider to find out exactly what information was stolen. Change and strengthen any online logins and implement multi-factor authentication. Asking the insurance provider for copies of claims and carefully reviewing explanation of benefits notices can reveal if a patient’s identity has been used fraudulently. This might show if inaccurate health and medical information is present in the patient’s records. Lastly, financial and credit accounts, because sometimes medical insurance information is used to commit other forms of financial fraud.