Major U.S. nonprofit healthcare provider MedStar had the personal data of 183,000 patients compromised following a months-long data breach last year, according to Cybernews.
Attackers were able to infiltrate MedStar's systems after breaching three employee email accounts between January and October 2023, enabling unauthorized access to individuals' names, birthdates, mailing addresses, service dates, provider names, and health insurance details, said the health provider in breach notification letters sent last week.
MedStar also emphasized that there has been no evidence suggesting the exfiltration or viewing of the exposed data while noting that it has already adopted additional measures to better protect patient data from future attacks. Despite no indication of data exfiltration, individuals whose data may have been affected were urged to be vigilant of possible medical identity theft, phishing attacks, and other fraudulent activities, which may include the potential use of compromised personally identifiable information for new credit accounts and loan applications.