- Sisters Health System Hospital archla a new report with Maine’s attorney general
- Confirmed more than 800,000 affected in a rape of August 2023
- Committed people get a year of free identity robbery monitoring
Sisters Health System (HSHS) hospital, a non -profit Catholic health system, suffered a cyber attack one and a half, which resulted in the patient’s confidential data theft.
The firm has now submitted a report before the Office of the Attorney General of Maine, in which he detailed the attack, noting that he discovered an “unauthorized third” that obtained temporary access to his network, on August 27, 2023.
“Upon learning about the situation, we immediately take measures to contain and remedy the incident and launch an internal investigation,” HSHS said in the presentation.
Steal confidential data
The investigation determined that the unidentified attackers remained in the HSHS network between August 16 and 27, and during that time they expressed confidential information belonging to exactly 882,782 people.
“Since then we have been reviewing those files and notifying people whose information was found continuously as our review has continued,” the organization said.
Although the type of stolen information varied from person to person, in general it included complete names, postal addresses, birth dates, medical record numbers, limited treatment information, health insurance information, Social Security numbers (SSN) and driver license numbers.
This is more than enough to participate in highly personalized phishing, identity theft or even wire fraud. However, HSHS says that at this time “you have no reason to believe,” the data has been misused.
Health information is very sought after in the black market because it contains personal, financial and medical sensitive data that can be exploited for various types of fraud and cybercrime. Unlike credit card data, which can be canceled rapid , fraudulent billing, recipe fraud and even blackmail. In addition, the resale price of medical records is significantly higher than financial data due to their integrity and difficulty in detection.
That said, despite the fact that there is no evidence of misuse, “due to abundance of caution,” HSHS offered the affected people for a year of credit and identity theft monitoring through Equifax.
Through Bleepingcomputer
