Pair of healthcare data breaches affect millions
The travel season is almost upon us, but now is not the time for your cyber hygiene to go on vacation.
Cybercriminals are always on the hunt for ways to steal your valuable, personal data, and their attacks sometimes shift depending on the time of the year.
Phishing emails may tout vacation deals that are seemingly too good to be true. And with the amount of travel everyone will be doing over the next couple of months, there’s always the danger of cybercriminals setting up shop in public places with poorly secured Wi-Fi, and the risk of having your devices outright stolen.
It’s important to continue to practice good cyber hygiene as you travel this summer. Do not use public Wi-Fi. Connect to a VPN instead. If you need to work while away, be sure all of your devices are safely stored out of sight.
In this week’s installment of the BlackCloak Thursday Threat Update, we’ll take a look at a pair of data breaches affecting healthcare organizations.
WebTPA breach affects more than 2.4M patients
What we know: WebTPA Employer Services disclosed a data breach it experienced affecting more than 2.4 million people. WebTRA, a Texas-based provider of administrative services to health insurance and benefit plans, reported the breach to the Department of Health and Human Services earlier this month. The organization said dates of birth, dates of death, Social Security numbers and insurance information were exposed in the incident.
Recommendations: In its notice on the breach, WebTPA said it will be offering anyone affected by the breach two years of complimentary identity monitoring services through Kroll. Since Social Security numbers were caught up in the breach, those impacted by the incident should place a credit freeze and fraud alert on their accounts. WebTPA has also set up a dedicated call center to answer any questions tied to the breach. The center is open Monday through Friday from 9AM to 6:30PM EST.
Ransomware behind Singing River Health System Breach
What we know: Singing River Health System fell victim to a ransomware attack affecting around 900,000 patients. The Mississippi-based healthcare organization began to notify those whose data was exposed in the incident. Cybercriminals were able to access patients’ names, addresses, dates of birth, health information and Social Security numbers.
Recommendations: Similar to the WebTPA breach, SRHS said in a notice on its website that it will offer a year of complementary credit monitoring and identity theft services and have also set up a hotline to answer any questions tied to the breach. The data breach notice also includes steps on how to request a credit report from the three major credit reporting agencies: Experian, Equifax and TransUnion, and further recommendations to place a credit freeze and fraud alert on all affected accounts.
Secure Your Accounts as Soon as Possible
Cybercriminals may target large organizations holding sensitive information, but that doesn’t mean you should leave the safety of your digital identity entirely in their hands. There are steps you can take to ensure your accounts are protected and your valuable digital assets are secured.
Learn why you should enable multifactor authentication on your accounts and why you should never reuse credentials.
