Home Care Providers of Texas Hack Affects 124,363 Patients
Table of Contents
- By Miguel
- Jan 24, 2023
It seems like we're reporting on a new breach involving medical practices every week. From the smallest insurance company in the world to the biggest hospitals in the U.S., medical institutions will always be a primary target. This is for multiple reasons. Of course, there's the psychological value in making people feel unsafe in a place like a hospital where they are supposed to feel safe and protected. The main reason, however, is that medical information is extremely valuable. It is one of the highest-selling pieces of stolen PII on the dark web.
How Did the Attack Occur?
Home Care Providers of Texas had its computer system encrypted by an unknown party. According to the company's notice, the breach occurred on June 29, 2022. As a result of an immediately launched investigation, it was found that the hacker removed some files from HCPT's databases along with encrypting the network. It is unclear whether or not this information has been recovered or not.
What Information Was Viewed or Stolen?
Certain medication information was accessed, along with birthdays, names, addresses, social security numbers, and specific treatment and diagnosis information. This breach will easily have detrimental effects on people's lives. The best news is that the breach involved no financial or insurance information, though the hacker likely tried to find it.
How Did HCPT Admit to the Breach?
HCPT filed a notice with the Texas Attorney General's Office around January 13, 2023. This is the same day that breach notices were sent to victims. The letters contained apologies and explanations, assuring customers that every possible precaution was being taken to deter another breach.
What Will Become of the Stolen Information?
The information the hacker accessed is incredibly delicate, and it could easily throw someone's life into chaos and out of balance. The information will likely be sold, meaning there is no limit to how many people can access it. This puts them in increased danger, as their addresses and names were involved. It will make it easier for people to stalk or kidnap them. There are a lot of dangers associated with online crime that is often overlooked in favor of fooling one's self into a false sense of security.
What Should Affected Parties Do in the Aftermath of the Breach?
The first thing you should do after any data breach is to take an often-overlooked step; file a police report. This way, if you are ever victimized further or have your identity stolen, there is evidence of you taking steps to prevent it or at least be aware of it. It's also a very smart idea to sign up for credit and identity monitoring, as these services or software titles will alert you to any misuse of your information. Another great idea is to sign up for a dark web monitor. Many identity and credit monitoring services include dark web monitoring that will notify you if your information shows up on the dark web.