Monday, October 20, 2014

BREACH: Healthcare entity has fallen victim

We received word today that a health care entity is investigating an internal breach of their systems. This is a medical breach and is tied to a much larger healthcare entity. It appears as though this smaller entity was purchased by a larger medical provider and the breach was discovered during the transition process and integration of the two companies by internal security staff.

It appears as though insurance information may have been stolen but the exact nature of the breach is still being investigated at this hour. The entity is located in California. Looking through our data sources we noted that the entity first started appearing on spam blacklist about 10 days ago and was reported the past 6 days by others as performing malicious attacks on networked devices at other organizations.

We are awaiting a copy of the malware samples that were recovered as well as some of the logs. We are not able to name the entity but you can expect an announcement this week once more information is known on the scope of the attack.

We will see during this incident if the new California notification laws have any effect on how the information is reported.

Type: PHI
Area: Healthcare Services
First Noted: 20 October 2014
Location: California
Total Records: NA

Status: Not Monitoring for Follow Up (Not a client of SLC Security Services LLC)

While this entity is not a client they have provided information and requested assistance in looking through our data set to see if we have any indicators that would point to a time frame for this intrusion. 

No comments:

Post a Comment