Server of Hampton Roads Community Health Center was compromised

A Virginia-based healthcare service provider of Portsmouth becomes the victim of data security breach. Hampton Roads Community Health Center (HRCHC) has discovered that their server having the (unencrypted) patient data was compromised. The HRCHC said somebody has gained access to the health center's digital files, and personal information of patients' might have been compromised.

The health center said that the security incident happened on December 17, 2018. HRCHC further added that it contacted FBI and the police immediately when it became aware about the breach on December 17.

It's still not clear the numbers of people who are potentially affected, nor is it known who are behind this attack. But the investigation determined that the files possibly contained personal information such as names, dates of birth, gender, plan member identification numbers, health plans, and medical conditions that might have been accessed. HRCHC also said that for a few patients, social security numbers, addresses, credit card information and driver license numbers could potentially have been compromised.

Officials of HRCHC said that they continue investigating on this incident and has also bolstered its security after the attack to avoid a recurrence, including encryption and upgradation of its servers. The officials of HRCHC said in one of the statement that "we are continually reinforcing our existing policies and practices and evaluating additional safeguards to prevent this type of incident from occurring in the future".

Jeri Prophet said that data breaches takes place every day, and on most occasions it is an application and not a person. Prophet is the owner of IntellectTechs, Information Technology (IT) Service Company of Virginia Beach. She added those HRCHC information "is worth a whole lot more money. Those records might be worth $25-$50 per record".

Prophet said that companies can follow a few simple steps in order to lower risk of getting breached. She said always ensure "that you're constantly updating. Not just a password these days, I mean just a single sign-on, that's no longer ample. Most companies are now making you do the multi-factor authentication where you have a password, you have a pin".

HRCHC said there is no sign that any information was misused at this point, however it is still encouraging the people to monitor their credit reports and bank accounts.

» SPAMfighter News - 3/8/2019