U.S. healthcare provider AspenPointe has notified patients of a data breach that happened in September of this year. The attack enabled the thieves to steal protected health information (PHI) and personally identifiable information (PII). AspenPointe is a nonprofit organization that is funded by Medicaid, state, federal, and local government contracts, as well as donations. An AspenPointe release stated, “We recently discovered unauthorized access to our network occurred between September 12, 2020, and approximately September 22, 2020.” The organization hired external security experts to investigate the attack and to find the extent of the breach. The investigation concluded that the data stolen by the attackers included records with patients’ full name, date of birth, Social Security Number, Medicaid ID number, date of last visit (if any), admission date, and or diagnosis code. Even though AspenPointe says that there is no evidence that the stolen data was improperly used by third parties, the company advises patients to safeguard themselves against potential fraud attempts. The total number of affected patients was reported to the Department of Health and Human Services (HHS) as 295,617.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in