Miami-based healthcare administration and managed care solutions provider, Independent Living Systems (ILS), reported a data breach that exposed the personal information of 4,226,508 individuals. The breach took place between June 30 and July 5, 2022, and is believed to be the largest data breach in the healthcare sector this year.
The breach could have given the perpetrators access to patients’ full names, Social Security numbers, taxpayer identification numbers, medical information, and health insurance information.
ILS stated that it completed its internal review on January 17, 2023, over six months after discovering the breach.
However, some affected individuals received preliminary results of the breach on September 2, 2022. The healthcare company also included instructions for one year of free identity protection services by Experian in the notifications.
This year’s first quarter has seen several high-profile healthcare data breaches, including the ransomware attack that exposed the data of 3.3 million patients of multiple medical groups in California.
Healthcare giant CHS also reported that some of its data had been compromised due to a zero-day vulnerability in Fortra’s GoAnywhere MFT product.
Cerebral, a healthcare platform, disclosed a breach that exposed 3.18 million people’s privacy due to a misconfiguration in its trackers.
The sensitive nature of medical information makes the healthcare industry an attractive target for cybercriminals, and the increasing number of data breaches highlights the importance of implementing robust cybersecurity measures to safeguard patient data.
Companies must prioritize detecting, preventing, and responding to security incidents to prevent further breaches and protect patients’ privacy.