Medical entities are a focus for cybercriminals.

Medical entities are a focus for cybercriminals.

https://www.scmagazine.com/analysis/breach/behavioral-health-group-informs-198k-patients-of-data-theft-from-december

Exploit: Hacking
Behavioral Health Group: Addiction Treatment Center Operator

risk-to-business-img-r1

Risk to Business: 1.716 = Severe

Behavioral Health Group recently began notifying 197,507 patients that their data was stolen in a December 2021 cyberattack. The opioid treatment provider’s 80 clinics suffered a week of IT outages that disrupted patient care after a cyberattack forced the team to shut down portions of the network. That in turn caused delays for health services like refilling patient medications, a critical part of the recovery process for many addiction treatment patients.

risk-to-business-img-r1

Individual Risk: 1.802 = Severe
The stolen data varied by patient and could include patient names, Social Security numbers, driver’s licenses, passports, biometrics, health insurance information, diagnoses, treatments, prescriptions, dates of service, and medical record numbers. Only patients whose SSNs were compromised will receive free credit monitoring.

How it Could Affect Your Business :Medical entities of all sorts have been high on cybercriminal hit lists because they know that it’s a rich and time-sensitive industry.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.