Many North Carolina Hospitals Suffer From Serious Chain of Data Breaches
Table of Contents
- By Steven
- Sep 20, 2023
North Carolina hospitals were under attack from a streak of data breaches back in May of this year. The breaches resulted in some lost medical and personal information for many facilities throughout North Carolina. If you attended a hospital in North Carolina, there's a good chance at least some of your information was exposed by the breaches.
How Did the Attack Occur?
According to sources from local hospitals and some health tech companies, the C10p ransomware gang took credit for hacking into many medical IT service providers. These service experts specialize in highly technical services and, when breached, were vulnerable to losing significant amounts of data. Major companies like Nuance healthcare by Microsoft, Norton, Sony and others were all hacked in the string of attacks. It's unclear how the attack was possible by the gang, but we know the breach occurred around May 31, and that data was taken from a large number of patients in the attack.
What Information Was Viewed or Stolen?
As far as we know, this healthcare breach resulted in lost information about the treatments people received and their demographic information. We don't have any reason to believe that Social Security numbers were taken in this breach or other harmful data points. If you were part of the attack, you don't have to worry about identity theft attacks resulting from this breach.
How Did Nuance Admit to the Breach?
Nuance released a news release explaining when the breach occurred and what actions were taken to resolve the security issue. The company explains that a vulnerability in a tool by Progress Software is what enabled the attackers to get into its files and steal information. If any significant data was stolen in the breach, the company will likely send notices to everyone impacted as well. We don't have any reason to believe serious data was taken in this breach, though, according to the reports so far.
What Will Become of the Stolen Information?
The stolen information taken from the medical facilities will likely be used as leverage to try and get a ransom payment. Ransomware gangs like C10p are usually after money from the companies they steal information from. If your personal information was lost in the data breach, it's possible the information will be spread around the internet or resold to another interested hacker.
What Should Affected Parties Do in the Aftermath of the Breach?
The first thing you should do when you learn your data was part of the breach is check your credit. Run credit checks on all the bureaus and see what changes occurred on it. Also, monitor your bank account and consider investing in identity theft protection services. These different actions will help keep your data safe. If only demographic information and procedure information was taken you don't have much to worry about. Just watch your data for any suspicious changes and get ready to take action to protect yourself and you should be okay.