1M records potentially stolen from medical device and software maker Zoll

1M records potentially stolen from medical device and software maker Zoll

Posted on

Medical device and software maker Zoll Medical Corp. has disclosed that it has suffered a data breach that resulted in the possible theft of records belonging to around one million people.

A division of Asahi Kasei Group Co., Zoll develops and markets medical devices and software that assist in advanced emergency care, while increasing clinical and operational efficiencies. Devices made by the company include cardiac monitoring, oxygen therapy and ventilation.

In a filing with the Office of the Maine Attorney General, Zoll said that it had first detected unusual activity on its internal network on Jan. 28. It then consulted with third-party cybersecurity experts and informed law enforcement, but surprisingly did not cut access to whoever had breached their network until Feb. 2.

The “cybersecurity incident” resulted in the possible theft of data of 1,004,443 people. The data may have included names, addresses, dates of birth and Social Security numbers, and in some cases details about whether the individual has used or was considering using a Zoll product.

Those affected are being offered 24-month identity protection from Experian IndentityWorks, with an investigation into the theft ongoing. The form of attack has not been disclosed. The likely form of attack is ransomware but no ransomware groups are currently taking responsibility and it could have been a simple breach and data exfiltration.

“Major breaches like this one can have a devastating impact on organizations and users alike,” Stuart Wells, chief technology officer at identity verifications solutions company Jumio Corp. told SliconANGLE. “With personal details like names, birth dates and Social Security numbers compromised, one million patients, current and former employees, as well as their families, find themselves at risk of phishing attacks, insurance fraud, identity theft and account takeover attacks.”

Jocelyn Houle, senior director, Data Governance at unified data control startup Securiti Inc. commented that the Zoll data breach highlights the active threats and challenges healthcare organizations face in harnessing data while keeping it secure.

“Understanding and tracking the PHI data one holds is a priority for all healthcare organizations,” Houle explained. “With the advancements in AI & ML techniques, organizations can now leverage automation to accurately discover PHI data at scale no matter where it’s stored.”

Photo: Zoll Medical

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *