Photo by Chris Ried, Unsplash
CorrectHealth, an organization that provides healthcare to those in correctional facilities, has suffered a data breach. The significance of this incident is that it has potentially exposed full names, social security numbers and addresses of at least 54,000 people. This represents one of several cyber-incidents occurring during the summer of 2022.
CorrectHealth has engaged the help of a cybersecurity firm to investigate the incident and has complied with the U.S. FBI as part of a larger investigation into the unnamed threat group responsible.
Weighing in on the incident for Digital Journal is Daniel Selig, Security Automation Architect at Swimlane.
Selig begins by providing an assessment of the organisation and the significance of the lost data, noting: CorrectHealth provides healthcare to those in correctional facilities. The incident has impacted 54,000 people.”
CorrectHealth is an attractive organisation for cyber-criminals to target, as Selig finds: “Healthcare organizations have unfortunately become one of the largest targets for cybercriminal groups due to the appeal of the wealth of sensitive information stored in their online systems and the vulnerability of their patients.”
The key asset is data and the data that informs about the core personal information. Here Selig says: “Protected health information (PHI) is extremely valuable for cybercriminals looking to sell it on dark web marketplaces for identity theft purposes.”
This means organisations needs to provide added protection. Selig says: “Because of this, it is crucial for organizations to invest in cybersecurity to achieve greater visibility into IT environments, ultimately allowing them to identify and thwart potential threats.”
With the specific incident, Selig states: “This data breach affecting CorrectHealth mirrors the July data breaches of First Street Family Health (FSFH) and the travel nurse agency Gifted Healthcare, which affected over 7,000 and 13,700 people, respectively.”
There are measures that firms, especially those operating in the health arena, can take to lessen the likelihood of a cyberattack. Selig recommends: “To reduce the risk posed by similar attacks in the future, healthcare organizations should use security automation to enable rapid detection and mitigation of security incidents.”
Selig also advises: “Low-code security automation enables security teams to operate more efficiently by speeding up investigations, reducing false positives, and ultimately reducing the dwell time of attackers and ensuring that valuable data remains secure.”