Specialty Networks, a Tennessee-based IT vendor specializing in radiology information systems and transcription services, has disclosed a significant data breach affecting 411,037 individuals. The breach, detected in December 2023, involved unauthorized access to sensitive personal and protected health information. The compromised data includes names, Social Security numbers, medical record numbers, treatment information, and health insurance details. The company serves several clients, including Prime Imaging, Diagnostic Radiology Consultants, Allied Mobile, and Videre Diagnostics.
The breach was initially detected on December 18, 2023, when Specialty Networks observed unusual activity on its network. Upon discovering the breach, the company engaged a digital forensics firm to investigate and secure their systems. The investigation revealed that the data theft occurred a week earlier, on December 11, 2023. After confirming the breach, Specialty Networks began notifying affected healthcare providers and worked to verify and update the information of those impacted.
In response to the breach, Specialty Networks is offering affected individuals 12 months of complimentary identity and credit monitoring. The company has also reported the incident to the FBI and implemented additional security measures to prevent future breaches. Despite these efforts, the breach has resulted in at least four proposed federal class action lawsuits against the company. The lawsuits allege that Specialty Networks was negligent in protecting sensitive patient data, putting individuals at risk for identity theft and fraud.
This breach is among the largest health data breaches reported to the U.S. Department of Health and Human Services (HHS) this year. It underscores the growing concern over the security of healthcare data, particularly with breaches involving business associates like Specialty Networks. According to HHS, this breach is part of a troubling trend, with 159 breaches involving business associates affecting nearly 22.8 million individuals out of the 54.1 million affected by major breaches reported so far this year.
Reference:
