2 million affected in year’s largest healthcare cyberattack


Shields, which provides imaging services and outpatient surgical services, said the affected facility partners include Emerson Hospital, Tufts Medical Center and Central Maine Medical Center. Compromised information includes full names, Social Security numbers, dates of birth, home addresses, provider information, diagnoses, billing information, insurance numbers, medical record numbers and patient IDs, it said.

However, Shields said it has no evidence that personal information was used for theft or fraud.

Shields reported the breach to HHS’ Office for Civil Rights on May 27, according to the HHS breach portal. HHS gives entities covered by the Health Insurance Portability and Accountability Act 60 days from when they discover a data breach to notify the department.

Shields did return a request for comment.

Hacking and IT incidents resulting in breaches like that of Shields’ accounted for nearly three-quarters of healthcare data breaches in 2021, including 10 of last year’s largest breaches.



Source link