Data Breach of Healthcare Management Solutions, LLC Affects Half-a-Million People
Table of Contents
- By Steven
- Published: Nov 29, 2022
- Last Updated: Nov 30, 2022
Healthcare Management Solutions, known as a healthcare-related consulting company from West Virgini, has over 100 employees and brings in nearly $20M annually. Their focus is quality-improvement for all types of care provided to our most vulnerable populations, including veterans. A breach of their systems could put those who are already at risk into an even riskier situation.
How Did the Attack Occur?
Cyber attackers went after Healthcare Management Solutions, LLC, presumably looking for, and finding, patient information. They filed a notice of a breach with the HHS-OCR (Department of Health and Human Services, Office for Civil Rights), which is only required when patient information specifically is at risk. The company confirmed the data breach affected at least 500,000 people, most of them now worrying about the future of their identities.
What Information Was Viewed or Stolen?
No one is sure what information is at risk, but it could be any number of patient information files. The types of patient information this company kept include:
- Names and addresses
- Phones and emails
- Healthcare information
- Insurance information
- Medical diagnoses
- Medical procedure history
- Payment information
- And more
Any of these types of information could now be in the hands of the cyber attackers that went after the company. As the investigation progresses, more information will likely become available about the breach and the information contained.
How Did Healthcare Management Solutions, LLC Admit to the Breach?
The breach came to light from the filing of paperwork that discussed the breach and what is known about it. When more than 500 people’s patient information is at risk, the HHS-OCR requires a specific set of paperwork to be filed, which is what Healthcare Management Solutions, LLC did.
What Will Become of the Stolen Information?
Hackers can do a lot with stolen patient information because of how specific that information is. They only need a few pieces of accurate information to steal someone’s identity, and these files were likely full of numerous pieces of accurate patient information. Unfortunately, that means this could be a proverbial treasure trove when it comes to hackers trying to steal the identities of this population. They may also take the information and sell it off on the Dark Web. It could be sold in individual pieces that all connect to one individual, or they could sell the information off as one large group. Both would be devastating to the patients in the end.
What Should Affected Parties Do in the Aftermath of the Breach?
Whenever there is a data breach, people need to take precautions. If you believe your data to be at risk, make some simple changes to ensure it is as safe as possible. Change all of the affected accounts’ passwords to something totally new and unique. Add multi-factor authentication to any account you can. Reach out to banks and other financial institutions if you see any charges you did not make. You should also invest in identity monitoring services to ensure that you get an instant notification should anyone try and use your personally identifying information anywhere without your permission.
