Why Shields Health Care Group Suffers Data Breach? Expert Weighs In

By   ISBuzz Team
Writer , Information Security Buzz | Jun 08, 2022 03:44 am PST

Shields Health Care Group has suffered a data breach affecting two million patients. Although the organization claims that no information accessed in the breach has been “misused or disseminated,” we know that consequences still stand no matter the outcome, especially when it comes to the healthcare field and its vulnerable patients. Shields Health Care Group’s business type relies on a handful of partnerships with hospitals and medical centers, so these consequences could affect over 50 facilities and their patients.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Garret F. Grajek
InfoSec Expert
June 8, 2022 11:48 am

The key to remember here is the collaboration and integration of hacking components and groups. One group discovers the vulnerability, another creates the exploit and yet another mans the C2 (command and control) center to receive the communication from the infected host. The seriousness and efficiency of the collaboration cannot be underestimated. Enterprises must implement new concepts like zero trust and implement stringent identity governance to know what permissions they have granted to all accounts and to watch for any changes.

Last edited 1 year ago by Garret F. Grajek
Craig McDonald
Craig McDonald , VP of Product Management
InfoSec Expert
June 8, 2022 11:45 am

Unfortunately, healthcare organizations are a frequent target of cyberattacks due to the amount of personally identifiable information stored in their systems, as well as the vulnerability of those affected. In this case, over two million patients belonging to Shields Health Care Group had their personal information compromised when hackers breached the network and stole data including names, social security numbers, diagnoses, insurance information, and other medical information. Although there is currently no evidence that any of the data has been misused, the potential is there.

The sort of personal data accessed in this breach can be used in a variety of ways to negatively impact the organization, or perhaps more importantly its patients, including phishing, scamming social engineering, and extortion. To ensure that vulnerable healthcare patients remain protected and their data stays safeguarded, healthcare organizations must prioritize their cybersecurity posture. Automating network security processes helps to ensure that they are executed consistently and predictably. Keeping the network security posture current and compliant with policy through automated tasks will also help prevent some attacks entirely. Additionally, implementing a strategy for backing up and restoring the network in the event of data breaches and other cyberattacks can mitigate the impact of these situations. A backup strategy should include housing a complete IT inventory, outlining specific responsibilities, exercising alternative communication methods, and a means by which any member of the team can validate the results.

Last edited 1 year ago by Craig McDonald

Recent Posts

Would love your thoughts, please comment.x