A new data breach in healthcare proves to be the Los Angeles County Department of Mental Health, as reportedly confirmed by the department. The data breach could have reportedly exposed sensitive patient information.
An employee of LACDMH clicked on a phishing email on March 20, which led to an account compromise. The department claims that the employee had patient and confidential customer information in such accounts.
LACDMH promptly requested assistance from a "nationally recognized forensic firm" to determine what had been accessed and downloaded. The organization found out after a full day of research that names were included in emails or attachments along with any or all of the following: date of birth, address, phone number, Social Security number, and medical record number.
Although it is unclear whether any of the information was accessed, LACDMH contacted the impacted individuals through the letter. Despite not having the addresses of some of the impacted clients, the department promised to get in touch with everyone.
Read Also: American Radio Relay League Confirms Cyberattack Disrupted Operations
Cyberattacks and Healthcare
LACDHM's data breach follows a string of multiple cyberattacks on healthcare, most recently, US health organization Ascension Health disclosed that it observed "unusual activity" that impacted its clinical operations and contacted cybersecurity firm Mandiant to look into a cyberattack.
According to Ascension Health's official statement, staff members are carefully trained to handle these situations, and the business has rules in place to ensure that patient care is administered in a safe and least disruptive manner.
The medical professional confirmed that the company had to stop conducting clinical activities and that it is now evaluating the extent and implications of the interruption.
Recently, a ransomware attack purportedly stole patient personal and health information from MediSecure, an Australian prescription medicine firm.
MediSecure could not say how many people were affected by the incident, but they said they would update their website as soon as more information became available. It further stated that to address the incident's aftermath, it has been in touch with oversight organizations including the Office of the Australian Information Commissioner, and is working with Oz's National Cyber Security Coordinator.
The National Cyber Security Coordinator characterized the infiltration as a significant ransomware data breach incident, and Australia's federal police are looking into it.
Healthcare's Cybersecurity
According to earlier studies, because patient care is dynamic and ever-changing, the healthcare industry is especially susceptible to cyberattacks.
To integrate patient care across numerous settings, a large number of clinicians, facilities, and transactions are needed. Threat actors still target healthcare providers because of this. Mobile devices and linked healthcare delivery systems have made healthcare data more appealing, but it has also made it more vulnerable.
The study points out that it is more challenging to provide security solutions for every setting or doctor due to the significant differences in digital health use patterns.
Related Article: Norway's Cyber Security Centre Urges Caution: WebVPN Use Raises Hacking Worries!
