BreachExchange mailing list archives
Class action filed after HHS warns 130 hospitals, health systems left millions' PHI exposed
From: Sophia Kingsbury <sophia.kingsbury () riskbasedsecurity com>
Date: Mon, 12 Jul 2021 12:29:25 -0400
https://www.beckershospitalreview.com/cybersecurity/class-action-filed-after-hhs-warns-130-hospitals-health-systems-left-millions-phi-exposed.html Two patients filed a class action against two radiology companies after more than 1 million patients who received care at hospitals nationwide may have been exposed because of vulnerabilities in medical imaging archiving software. Five things to know: 1. In mid-2019, cybersecurity researchers analyzed 2,300 medical images hosted by picture archiving communications systems, which hospitals use to share medical images and data, according to court documents. 2. The researchers discovered flaws in Northeast Radiology and Alliance HealthCare's service that allegedly permitted unauthorized access to more than 1.2 million patients' protected health information. The PHI that was exposed allegedly includes 61 million X-rays, CT scans, MRIs, medical test results, patient names, Social Security numbers and more. 3. The researchers contacted the radiology companies, but their warnings were ignored, the court documents said. 4. Two Northeast Radiology patients are suing the radiology firms on behalf of themselves and the class members to settle damages caused by the breach, the court filings said. The researchers who discovered the breach said the value of the damages exceeds $1 billion and might be as high as $3.3 billion, due to the risk of theft from exposure and a large number of alleged victims. 5. In a June 29 news release, HHS warned that about 130 hospitals and health systems were using PACS, with more than 2 million patients and 275 million medical images and PHI potentially exposed.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Class action filed after HHS warns 130 hospitals, health systems left millions' PHI exposed Sophia Kingsbury (Jul 13)