Allaire Health Services Becomes the Latest Cyberattack Victim
Table of Contents
- By Steven
- Sep 07, 2022
Allaire Health Services has confirmed hackers stole its internal data. An unauthorized individual obtained access to Allaire Health's network, downloading highly sensitive information that will likely be used to steal the identities of the company's patients.
Allaire officially filed a formal notice of a digital security breach in May. Below, we look at how the information was taken from Allaire, what the company did in response to the hack, and how other businesses, as well as those who simply surf the web or work from home, can prevent similar attacks.
How was the Data Stolen?
The hacker(s) accessed the email account of an Allaire Health Services employee. The employee targeted in the attack likely used a weak password or one related to his or her identity, family, or other identifiable interests.
What Type of Information Was Stolen From Allaire's Databases?
Allaire has admitted that its data was breached, detailing how the digital miscreant behind the attack stole everything from patient-protected health information to Social Security numbers, names, and additional sensitive details.
Additional personal information revealed in the attack includes health insurance information, prescription medication information, treatment modalities and frequency, medical history, patient payment information, and financial account numbers. The hack was so in-depth that it included customers' passports and driver's license numbers.
When did Allaire Acknowledge the Hack Occurred?
It took until the final week of November for the healthcare services provider to admit that it had been hacked. Shady activity in the form of unauthorized access to an Allaire internal employee's email messages tipped off Allaire IT personnel to the potential threat.
Allaire's IT team investigated the threat, quickly finding that the staff member's email messages, including all attached documents, were not only viewed but also downloaded. The breach occurred across a period of two weeks in mid-November.
How did Allaire Formally Recognize the Breach?
Allaire waited until the middle of May in 2022 to send data breach letters to those whose information was stolen during the cybersecurity incident. Allaire has an expansive customer base as it provides medical services at nearly half a dozen facilities. Though there are larger fish in the pond for hackers to target, Allaire does respectable business, raking in about $15 million yearly and employing just under 200 people.
What Steps Should Businesses and Others Take to Prevent Similar Breaches?
It merely takes one employee's email password for web criminals to access a treasure trove of information about a target business, patients, customers, and more. If you own, manage, market, or otherwise work for a business or organization of any type, you should be aware that hackers will likely target your enterprise in the months or years ahead.
What matters most is whether you are prepared for a digital attack. Tap into the protection provided by our digital security solutions, and you'll use your computers, networks, software, and other tech tools without worrying about web-based threats.
It only takes one slight misstep from a single employee, family member, or other computer/web user at your business, home, or other space. When in doubt, lean on the proven digital security experts for guidance in navigating the metaphorical minefield that is the internet, working from home (WFH), and on-site computing at the office.