AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.
The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.
The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Why Cybersecurity Should Be The CFO’s Job
January 31, 2017
Cyber risk is a 21st century business reality and something that can’t be ignored. The sheer pervasiveness of these risks, matched with the evolution into far more complex attacks, means the C-Suite has to get serious about managing cybersecurity. I sat down with Steffan Tomlinson this month, CFO of Palo Alto Networks, who explains why ...
- Last Year’s Data Breaches Exposed 4.2 Billion Records, Most from America
January 26, 2017
The United States was the main target of hacker attacks last year, resulting in a record number of data breaches. According to a report from Risk Based Security, during 2016 there were 4,149 data breaches which resulted in the exposure of 4.2 billion records. Nearly half, or more specifically 47.5%, of the breaches that exposed user ...
- Yahoo Under SEC Investigation for Taking too Long to Reveal Data Breaches
January 23, 2017
Yahoo is in big trouble with US authorities due to how it handled the massive data breaches it disclosed last year, more specifically its failure to inform investors of the issues at an earlier time. The United States Securities and Exchange Commission (SEC) has launched an investigation, the Wall Street Journal reports, which is yet in ...
- Smaller firms set to ‘face £52bn in fines’ for security breaches as cyber-crime skyrockets
January 14, 2017
British firms were each subjected to an average of almost 230,000 cyber attacks in 2016, according to analysis from business internet service provider Beaming. The average volume of attacks hitting individual company firewalls passed the 1,000 per day mark for the first time in November. Meanwhile, the Payment Card Industry Security Standards Council suggested that UK firms ...
- Detroit Car Makers Allegedly Hacked, Names and Social Security Numbers Stolen
January 13, 2017
Detroit’s Big Three automakers are the latest big companies to become victims of hackers, with a new report now claiming that employees’ names and social security numbers might have been exposed during a breach. Details are very sketchy at the moment, and there is no confirmation from the involved companies, but according to the 7 Action ...
- 11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed
January 5, 2017
Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions. MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through ...

