ARcare suffers breach, exposing 345,000 patients’ personal information

ARcare suffers breach, exposing 345,000 patients’ personal information

https://portswigger.net/daily-swig/data-breach-at-us-healthcare-provider-arcare-impacts-345-000-individuals

Exploit: Ransomware
The Coca-Cola Company: Beverage Manufacturer & Distributor

risk-to-business-img-r1

Risk to Business: 1.711 = Severe

ARcare, a medical services company that operates clinics for underserved communities in Arkansas, Kentucky and Mississippi, disclosed a data breach impacting an estimated 345,000 patients in a filing with The U.S. Department of Health and Human Services (HSS). After a disruptive incident on February 24, 2022, an investigation turned up the unwelcome news that a malicious hacker had access to ARcare’s network over a five-week period between January 18 and February 24.

risk-to-business-img-r1

Risk to Business: 1.814 = Severe

Potentially exposed patient data includes names, Social Security numbers, drivers’ license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information and health insurance information.

How It Could Affect Your Customers’ Business: This is going to be a very expensive problem once regulators get finished with it.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.