Network hack of Sharecare Health Data Services possibly breached data of AltaMed and Blue Shield Patients

Sharecare Health Data Services (SHDS) notified recently about a network hack to AltaMed Health Services as well as California Physicians Service (who are doing business as the Blue Shield of California). The network hack possibly breached data of many AltaMed and Blue Shield patients. SHDS provides these 2 covered entities with the services of medical records management.

On December 31, 2018, Sharecare has notified AltaMed about a network hack which the officials of SHDS discovered first on June 22. An investigation found that the hack started on May 21, 2018. For Blue Shield of California (BSC) also, the breach started on May 21, 2018, however it was discovered first on June 26, 2018. Due to this, some data of AltaMed Health and BSC have been accessed and/or obtained by the hacker. As per the notice, "an unknown third party was able to access its servers, which contained your personal information and transfer that data to locations outside of the United States".

Once discovered, the officials of Sharecare took immediate steps in order to stop further access. Besides, they hired a team of third-party forensics to help in the investigation; and also retained a third-party in order to "implement 24/7 monitoring of its data systems, refined its data retention policies and improved its maintenance communications and protocols to ensure continuity across its network".

The data that was compromised include patient names, dates of birth, UID (Unique Identification Numbers), and addresses. For a few patients, the hacker accessed the names as well as addresses from where these patients received the health services, along with their medical records numbers, and the SDHS processing notes. Social Security numbers, credit card and banking data, driver's licenses, or clinical medical information was not compromised. All the patients will receive free credit monitoring for one year.

"This incident was not the result of any action or inaction by AltaMed and did not affect the integrity or security of AltaMed's digital environment," said the AltaMed officials in a statement. This security incident is yet to be posted on the breach reporting tool of Department of Health and Human Services, so it is still not known how many patients were impacted. AltaMed started notifying patients about the breach from Feb. 15, 2019. On the other hand, 5,767 residents of BSC were impacted by this Sharecare breach.

» SPAMfighter News - 3/11/2019