Regal Medical Group Data Breach Affects Patients of At Least Four Healthcare Providers
Table of Contents
- By Steven
- Feb 06, 2023
It’s been less than a week since February 2023 started, yet we are, reading about a new medical breach. Over 90% of hospitals have admitted to being victims of data breaches. Considering recent years and recent news, it’s easy to believe, however difficult it is to swallow. Regal Medical Group owns ADOC Medical Group, Greater Covina Medical, and Lakeside Medical Organization, collectively “Regal.”
How Did the Attack Occur?
The attack was the result of a malware attempt on Regal’s servers. The company noted a system lag on December 2, 2022, and an investigation was immediately launched, attempting to find the cause. On December 8, 2022, it was discovered that malware had infected the company’s systems. A third-party investigator was involved in looking into the data breach, finding that there was quite a lot of personal information involved.
What Information Was Viewed or Stolen?
The company’s letter explained that the hacker had potentially accessed the social security numbers of only a few of the impacted individuals. Otherwise, the victims had their names, addresses, birthdays, laboratory test results, diagnosis and treatment information, radiology reports, prescription data, phone numbers, and health plan numbers. This is a surplus of the information the hacker needs to commit insurance, medical, and tax fraud, along with identity theft.
How Did Regal Admit to the Breach?
Regal admitted to the breach by sending notifications to the California Attorney General’s Office and the victims of the breach. It read, “The Regal team worked with our vendors to efficiently restore access to our systems and to analyze the impacted data… Regal is taking steps to notify you of this breach to ensure transparency and awareness of our findings.”
What Will Become of the Stolen Information?
The stolen information is almost guaranteed to be used. The chances of the hacker not using the information are infinitesimally small, as the details are incredibly sensitive and easy to use to commit any number of crimes. Not only is medical and insurance fraud a booming business at this point, but there is also a high chance of abductions and similar violent crimes due to names and addresses being accessed. The hackers could also use the gathered information to commit identity theft or sell it on the dark web and make a large sum.
What Should Affected Parties Do in the Aftermath of the Breach?
Anyone affected by a breach this severe should file a police report. It is too often overlooked by the victims of most data breaches and can be of use later. Another very important step is accepting the free year of credit monitoring Regal offers the victims. After the year is up, you will likely want to sign up for more, as well as dark web and identity monitoring, which IDStrong offers. We only hope that you and your loved ones stay as safe as possible, even though these times are dangerous and scary.