New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

University of Vermont Health Struck by Hackers

All it took was one employee email to be accessed by an unwarranted user to affect potentially 32,000 patients. The Elizabeth Community Hospital found out about the breach on October 18th and says it occurred on October 9th, they officially verified it yesterday on their website. The news took so long to break because they ran a sixty-day investigation which assured that no identity theft or fraud were caused by the breach. Free credit and identity monitoring has been offered to 1,200 patients. The email account that was compromised included information such as names, dates of birth, addresses, limited medical information, billing information, medical record numbers, dates of service and a brief summary of the services provided. About 1,000 or more social security numbers were included as well. “We are very sorry this has happened. We take seriously our responsibility to protect the privacy and confidentiality of the personal information of our patients and employees,” said a statement by the hospital.

Analyst Notes

Users should take advantage of the free identity and credit monitoring offered in this scenario. If a company is hit with a data breach like this, they should implement enhanced security features along with the enhancement of their email system. Employees should also be continuously educated on the importance of protecting patient or customer information.