Health network provider MedStar Health reportedly confirms it suffered a major data breach involving an unauthorized individual accessing three employees' emails and files, possibly exposing the data of 183,709 patients.

MedStar Health delivered notification letters to certain patients whose personal information may have been compromised connected to a data incident on May 3, 2024, per the company's official notice.

The emails and files allegedly contained patient names, insurance information, dates of service, birth dates, mailing addresses, and provider names.  

Washington Hospital Center, Georgetown University Hospital, and many hospitals in the Baltimore region are among the facilities owned by MedStar Health. 

According to the corporation, the unapproved access happened "intermittently" between January 25, 2023, and October 18, 2023.

On March 6, 2024, MedStar discovered that patient information was present in the obtained emails and files following a forensic examination of the illegal access.

The company concluded it could not completely rule out the possibility of patient information being accessed, even though it maintained it had no evidence to suspect it was ever obtained or viewed. 

The company urged patients whose information was compromised to carefully study their statements and get in touch if anything seems out of the ordinary about the healthcare services or expenses they incurred.

It added that further precautions have been implemented to stop similar accidents in the future. 

Read Also: Medical Tech Company LivaNova Reports Cyberattack Compromising US Patients Data 

Healthcare's Cyberattack Susceptibility

This is another piece of evidence that hackers are still concentrating on healthcare companies. A recent study by Ross Koppel and Craig Kuziemsky found that the healthcare sector is especially susceptible to these attacks.

According to the report, connecting patient care across different contexts involves several physicians, facilities, and transactions, and patient care is dynamic and ever-changing. 

Since mobile healthcare equipment and linked healthcare delivery systems have made healthcare data more appealing, they also make it more vulnerable.

The study notes that the wide variations in digital health use patterns make creating security solutions for every environment or physician more difficult.  

According to other sources, the healthcare sector may be particularly susceptible to cyberattacks because of poor management practices and a lack of knowledge about the risks connected to end-of-life (EOL) circumstances.

With focused training on risk reduction and compliance, healthcare professionals may be able to stop security breaches and raise their understanding of the hazards associated with EOLs.  

UnitedHealth Data Breach

Andrew Witty, the CEO of UnitedHealth, said just this week in front of a Senate committee that the company paid $22 million to the Blackcat ransomware organization after one of the health insurance provider's subsidiaries was breached earlier in the year.

Witty said senators during a protracted legislative hearing that the business was unaware of the number of patients and medical personnel affected by the February cyberattack on Change Healthcare.

Witty verified, however, that according to the prepared testimony provided before the hearing, UnitedHealth had paid BlackCat a $22 million bitcoin ransom.

Legislators disclosed last Wednesday that even after the ransom was paid, some patient data is still hacked and accessible for inspection on the dark web.  

Related Article: Why Nithin Narayan Koranchirath Believes Predictive Analytics Is the Future of Healthcare 

(Photo: Tech Times)