The hard-pressed healthcare sector has suffered yet another cybersecurity setback. It looks as if a hack on US healthcare billing claims vendor Med Associates has penetrated the medical records of more than quarter of a million patients.
The attack took place in March, through a member of staff’s workstation. Med Associates has launched an investigation into the breach which has compromised the patients’ personal and medical data, but not their financial information. Nevertheless, the company is offering free credit monitoring to all victims.
It appears that Med Associates has failed to notify the authorities of the breach within the mandatory sixty-day timescale. A previous failure to do so by Presence Health in Illinois resulted in a fine of nearly half a million dollars.