Valuable insights and thought leadership.
- Breadcrumb News
- In The News
21st Century Oncology has agreed to pay a $2.3 million fine to the Department of Health and Human Services for a 2015 data breach that impacted more than 2.2 million patients.
According to court documents, the national cancer care provider headquartered in Fort Myers, Florida, has also agreed to class action lawsuits filed in 2016. 21st Century Oncology operates 179 treatment centers across 17 states.
The breach of the company’s network SQL database and theft of the medical data and Social Security numbers of millions of patients is believed to have occurred as early as October 3, 2015.
By now you’ve probably heard the terms ‘Meltdown’ and ‘Spectre’ making their rounds in security, tech, and even mainstream news. But if you’re like the majority of the population, these terms don’t mean much to you, nor are you actively paying attention the unfolding of events.
Let’s start by saying that if you’re reading this article, you’re affected. In fact, if you own a computer, smartphone or tablet made in the last 20 years, you are affected. The ‘Spectre ‘and ‘Meltdown’ vulnerabilities affect almost every computer in the world.
Got your attention now?
Meltdown and Spectre are the names of two serious security flaws that have been found within computer processors. They could allow hackers to steal sensitive data without users knowing, one of them affecting chips made as far back as 1995. The vulnerabilities were discovered last year, but only recently disclosed to the public.
It’s time to have ‘the talk’ with your parents – the security talk, that is.
2017 was, undoubtedly, the worst year for cyberattacks of all time; and it’s safe to assume that cybersecurity will get brought up at family get-togethers throughout 2018. With half of the American population affected by Equifax’s breach, security will be fresh on everyone’s minds.
Being the tech wiz that you are, your ‘family time’ likely doubles as a free visit from their favorite tech support – and this year will be no different. Uncle Joe will probably bring up the Uber breach coverup (and use it to comment about ‘kids these days’), and Grandma will likely ask you about her Yahoo account (that she’s still using).
Take this opportune moment to provide security tips to all of your family members. Explaining cybersecurity to relatives who grew up in an age without computers can be difficult, so be sure to explain it in a way they’ll understand.
The Center For Health Care Services, based in San Antonio, Texas, has notified 28,434 patients of a breach of privacy on their personal and health information. The data was allegedly stolen when a former employee took the information after being fired in 2016.
The compromised data includes patients’ Social Security numbers, dates of birth, medical records numbers, dates of services, referral information, progress notes, types of services, diagnoses, medications, lab and toxicology reports, autopsy reports, death certificates, treatment plans and discharge and death summaries.
According to the released statement: “A former employee of CHCS was discovered to have secretly taken personal health information from CHCS on his personal laptop computer at the time his employment was terminated on May 31, 2016. The discovery was made on Nov. 7, 2017, as a result of documents produced in litigation between the former employee and CHCS.”
Let’s face it: 2017 was a rough year for cybersecurity.
Large-scale hacks were revealed one after another in the year that nothing seemed safe. These cyberattacks highlighted the alarming vulnerability of our personal information in a world where everything is stored online and subject to hacking.
A reintroduced Senate bill is addressing a timely topic. The bill aims to make it a crime, punishable by up to five years in prison, if companies knowingly conceal a data breach. After a year of high-profile cyber attacks, like the Equifax breach, and news that Uber concealed a breach impacting 57 million users for a year, Sen. Bill Nelson, is reviving a previously unsuccessful bill called the “Data Security and Breach Notification Act.”