Salusive Health Data Breach
DESCRIPTION
Salusive Health, a California-based healthcare firm, announced in early May that it had been the victim of a data breach. The digital healthcare startup, also known as myNurse, specializes in providing care management, monitoring, and coaching to remote patients. The breach was first discovered on March 7th, 2022, as unauthorized access to the firm’s health data. The company began sending out breach notifications to patients believed to be affected on April 29th. The breach involved personally identifiable information (PII) such as names, contact information, gender, and birth dates. Medical information such as lab test results, prescriptions, diagnoses, and treatments, plus health insurance details like medical account numbers, claims, policy, and group plan numbers, were also accessed. To date, there is no evidence that anything was done with the compromised information. It is not yet known how many patients were affected by the breach.
IDENTIFY INDICATORS OF COMPROMISE (IOC)
While Salusive Health has not provided any details about the breach, a spokesperson said that the company identified unauthorized activity within its computer network back on March 7th, 2022.
CONTAINMENT (If IoCs are identified)
The company states that it took immediate action once the incident was discovered. This included the implementation of a containment strategy that managed to terminate the unauthorized activity. An outside cybersecurity firm was brought in to assist in securing the network and to begin mitigation and restoration efforts. The incident was reported to the FBI. The company also contacted the California Attorney General’s Office to comply with the California Consumer Protection Act (CCPA). Affected patients were invited to enroll in a program that provides 24 months of credit and CyberScan monitoring as well as a $1 million insurance reimbursement policy.
COMPANY CLOSES ITS DOORS
In addition to the breach notification, Salusive Health also alerted patients that it was ceasing clinical operations effective May 31st, 2022. Patients are encouraged to notify their primary physicians to transition their remote care back to a local clinic. The company’s CEO said that the decision to shut its doors was unrelated to the breach and was instead made to help company leadership adjust their business model in response to a changing healthcare landscape.
PREVENTION
It is important that businesses adhere to the principle of least privilege (PoLP) regarding their sensitive and proprietary data. Users should only have access to the data and resources they need to perform their job duties. This policy should also apply to high-level IT admins and company executives, as the compromise of a single account can give unbridled access to an attacker. Multifactor authentication (MFA) should be used not only for email access but also for basic server access. All database resources should be partitioned from the production network using a solution such as a next-generation firewall or micro-segmentation that permits only allowed traffic types between known IP addresses, ports, and protocols. Filters should also be implemented to analyze and scrub incoming traffic for malicious or suspicious code.
Define your Incident Response Readiness (IRR) in the event of an attack. Schedule a Security Architecture Review to ensure your network is secure.
Frequently Asked Questions
What is HIPAA compliance?
This refers to the process for following the procedures required by the Health Insurance Portability and Accountability Act. HIPAA is the law that established the current standards for protecting patients’ sensitive health-related data. The goal is to ensure healthcare companies do everything possible to secure and protect this information to prevent data breaches.
What is a HIPAA-covered entity?
Entities that are required to adhere to the HIPAA standards include healthcare providers, health plan providers, and healthcare clearinghouses. All of these entities are entrusted with patients’ personal information, including Social Security numbers (SSNs), bank account details, and medical histories. Any enterprise that falls into these categories can benefit from HIPAA compliance solutions.
What are HIPAA violations?
There are a number of ways in which a HIPAA-covered entity can fail to comply with regulations. These can include transmitting patient data without sufficient encryption, disclosing patient information to unauthorized entities, or falling victim to cyberattacks that expose the data. The scope of potential violations and the severity of the penalties involved make it all the more important that businesses enlist the help of HALOCK as their HIPAA consultant.
Are there any new HIPAA requirements we should be aware of?
If your organization is responsible for HIPAA compliance, you may have another incentive to begin regular pen testing. That is because on December 24, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (NPRM) to modify HIPAA. Learn more details in this HIPAA article.
Where can I find a guide to HIPAA Acronyms?
Read a glossary of HIPAA and healthcare acronyms.
What are the top threats facing the healthcare industry?
Top Cyber Threats in Healthcare

