kras99 - stock.adobe.com

Patient data stolen in DocGo cyberattack

DocGo told the SEC that data was accessed and acquired during a cyberattack against its U.S.-based ambulance service.

DocGo, a large provider of mobile medical services and transportation in 26 U.S. states and the United Kingdom, reported a cyberattack and subsequent data breach via a Securities and Exchange Commission (SEC) Form 8-K filing.

The incident only impacted its U.S.-based ambulance transportation business. DocGo stated that a threat actor accessed and acquired data, including protected health information, from a “limited number” of healthcare records.

The SEC filing did not indicate how many individuals were impacted, but DocGo said it had started the process of providing notifications.

“To date, the cybersecurity incident has not had a material impact on the Company’s operations, and the Company currently does not expect that the cybersecurity incident will have a material impact on its overall financial condition or on its ongoing results of operations,” the filing continued.

NJ dermatology practice suffers 380K-record breach

New Jersey-based Affiliated Dermatologists and Dermatologic Surgeons (AD) notified 380,000 individuals of a cyberattack that occurred in early March. Upon discovery, AD engaged a response team, disconnected access to its network, and notified its third-party IT provider.

Further investigation revealed that an unauthorized party had accessed AD’s network between March 2 and March 5. During that period, the threat actor accessed systems, copied data pertaining to patients and employees and left a ransom note.

The patient data involved in the breach included names, dates of birth, Social Security numbers, health insurance claims information, treatment information, and mailing addresses. For employees, the breached information may have included names, dates of birth, addresses, driver’s license numbers, passport numbers, and Social Security numbers. The actual impacted information varied for each individual.

AD said it has since implemented constant network security monitoring, password resets, and multi-factor authentication for all remote access.

MedStar Health notifies patients of unauthorized employee email access

MedStar Health notified 183,079 individuals of a data breach that resulted from unauthorized access to three employee email accounts. MedStar Health operates more than 500 specialty, urgent care, and primary care locations across Maryland, Washington, D.C., and Virginia.

The access occurred between January 25, 2023 and October 18, 2023. However, MedStar’s notice did not disclose when it discovered the incident. Rather, it noted that by March 6, 2024, it determined that patient information was included in the emails and that files were accessed.

“While we have no reason to believe that patient information was actually acquired or viewed, we cannot rule out such access,” MedStar stated.

The emails and files included patient names, addresses, provider names, dates of service, and health insurance information. MedStar encouraged impacted individuals to review their healthcare statements.

“We take this matter very seriously. We employ appropriate physical, technical, and administrative controls to ensure the safety and confidentiality of patients’ information,” MedStar continued.

“Nonetheless, to help prevent something like this from happening again, we have implemented additional safeguards and security measures to enhance our existing controls. We have also notified law enforcement.”

Next Steps

Dig Deeper on Healthcare data breaches