Shields Health Care Group has disclosed it was subject to a recent cyber security incident which could affect up to two million of its patients.
The company said it was alerted to suspicious activity that may have involved data compromise on 28 March 2022. Following the alert, Shields immediately launched an investigation into this issue and worked with subject matter specialists to determine the full nature and scope of the event.
This investigation determined that an unknown actor gained access to certain Shields systems from 7 to 21 March 2022, Shields said in a statement.
During this timeframe some data was acquired by the “unknown actor” and although on 18 March Shields had identified and investigated a security alert, at that time data theft was not confirmed.
Become a Cyber Security Hub member and gain exclusive access to our upcoming digital events, industry reports and expert webinars
According to the US Department of Health and Human Services Office for Civil Rights, where the Shields breach has been reported, up to two million individuals could be affected and the location of the breach is the company’s network server.
Shields said that at this time there is no evidence to indicate that any information from the incident has been used to commit identity theft or fraud.
However, the type of information that was or may have been impacted could include one or more of the following: full name, social security number, date of birth, home address, provider information, diagnosis, billing information, insurance number and information, medical record number, patient ID and other medical or treatment information.
The company said in response to the incident it has taken steps to secure its systems, which includes rebuilding certain systems. It also has safeguards in place to protect the data it has responsibility for, which continue to undergo review and enhancement.
Healthcare a prime target
Healthcare providers are high-value targets for cyber criminals because of the sensitive data they hold and the vulnerable people that can be affected by an incident. Combined, these two factors make healthcare providers more likely to pay a ransom when hit by a ransomware attack for example.
During the Covid-19 pandemic overstretched and under-resourced healthcare organizations became a prime target for threat actors.
An article by CyberPeace Institute CEO, Stephane Duguin in November 2021 said that on average 155,000 records are breached during an attack on the sector, though this number can be higher.
Duguin also noted that ransomware attacks on the sector occurred at a rate of four incidents per week in the first half of 2021.
More needs to be done in healthcare, according to Duguin, who said that cyber security in this industry suffers from a general lack of human resources. In addition, software and security tools need to be secure by design and investment in cyber security should increase.