Share This Article:
Sarasota, FL (WorkersCompensation.com) – Since the first of the year, there have been 384 data breaches reported, with over 58.9 million patient records impacted. For third quarter, there have 59 reports filed so far, with around 17.3 million patient records compromised.
Recently, a large number of businesses, government departments, and healthcare systems have been hit by a string of cyberattacks that exploit vulnerabilities of the MOVEit platform. Produced by Ipswitch, Inc, MOVEit is a cloud based file consolidation and transfer software. In June, a CISA cybersecurity advisory was released announcing that the CL0P ransomware group installed a web shell program called LEMURLOOT on the internet facing MOVEit web applications. This allowed data to be stolen from the underlying MOVEit transferring databases. CLOP, a Russian ransomware group, claimed responsibility for the attacks in which over 122 organizations have been breached so far.
According to a report earlier this month from Becker’s, at least six healthcare organizations have been hit in the MOVEit attacks. In July, CMS Medicare announced that the social security number and date of birth of at least 612,000 current Medicare beneficiaries had been exposed.
John Hopkins Health Systems in Baltimore, as well as St. Petersburg, Florida have been hit as well, with names, addresses, dates of birth and social security numbers exposed. Johns Hopkins began sending out notifications on June 14th. On July 7th, a class action lawsuit was filed in Maryland alleging that the organization did not take appropriate steps to secure patient protected data.
Other health organizations impacted by the MOVEit cyberattacks include Harris Health System and UT Southwestern Medical Center based in Texas, and UofLHealth located in Louisville, Kentucky.
Earlier this month, Prospect Medical Holdings, Inc. also announced their medical systems were effected by a data breach. While the investigation is currently in process, there is no indication of whether the attack is related to the MOVEit incidents. The company is based in California, but operates over 165 clinics and 16 hospitals across the state, as well Rhode Island, Pennsylvania, and Connecticut.
According to University of Texas researcher Nan Clement, from 2010 to 2022 hospitals in the process of a merger were twice as likely to experience a data breach attack in the year before and after the closure of the deal. According to her analysis, the probability of a data breach within a two-year window of a merger negotiation is 6 percent, compared to 3 percent for those systems not in negotiation. Clement believes certain times during the process are more vulnerable stating, “The time leading up to and following the merger deal-signing is indeed a riskier period.”
AI california case management case management focus claims compensability compliance compliance corner courts covid do you know the rule ethics exclusive remedy florida glossary check Healthcare health care hr homeroom insurance iowa kentucky leadership medical NCCI new jersey new york ohio osha pennsylvania Safety simply research state info technology texas violence WDYT west virginia what do you think women's history month workcompcollege workers' comp 101 workers' recovery workers' compensation contact information Workplace Safety Workplace Violence
Read Also
About The Author
About The Author
-
F.J. Thomas
F.J. Thomas has worked in healthcare business for more than fifteen years in Tennessee. Her experience as a contract appeals analyst has given her an intimate grasp of the inner workings of both the provider and insurance world. Knowing first hand that the industry is constantly changing, she strives to find resources and information you can use.
More by This Author
Read More
- Nov 25, 2024
- Chris Parker
- Nov 25, 2024
- Chriss Swaney
- Nov 25, 2024
- Claire Muselman
- Nov 24, 2024
- Frank Ferreri
- Nov 23, 2024
- Claire Muselman
- Nov 21, 2024
- Claire Muselman