CentroMed Data Breach Exposed 400,000 Patient Records


El Centro Del Barrio, operating as CentroMed, an integrated primary care clinic, confirms a recent cyberattack marking its second breach in a year. The earlier breach disclosed in August 2023, involved unauthorized access by the Karakurt threat group but data remained unreleased.

The current data breach saw hackers infiltrating their systems and gaining access to the personal data of around 400,000 current and former patients. The CentroMed data breach raised concerns about the security of patient information and prompted the healthcare provider to take immediate action.

According to CentroMed’s data breach notice, the breach was discovered on May 1, after unusual activity was detected in their information technology (IT) network. Upon this discovery, CentroMed swiftly initiated measures to secure their systems and launched an investigation into the matter. 

The preliminary investigation revealed that an unauthorized actor infiltrated their IT network on or around April 30, and accessed files containing sensitive information related to current and former patients.

Decoding the CentroMed Data Breach

The compromised data included patient names, addresses, dates of birth, Social Security numbers, financial account details, medical records, health insurance information, diagnosis and treatment data, as well as claims information. This breach posed significant risks to the privacy and security of individuals whose information was compromised.

In response to the CentroMed cyberattack, the healthcare provider took several steps to mitigate the impact on affected individuals. CentroMed began notifying individuals whose information may have been compromised, starting on May 17. Additionally, a dedicated toll-free call center was established to address any questions or concerns from affected individuals.

Expressing deep regret for the incident and the resulting concerns it may have caused, CentroMed assured the public that they were taking the matter seriously. To prevent similar incidents in the future, the healthcare provider stated that they had implemented additional safeguards and technical security measures to enhance the protection and monitoring of their systems.

Mitigation Against the Cyberattack on CentroMed

Individuals whose information may have been affected by the CentroMed data breach were advised to take proactive measures to safeguard their personal information.

This included reviewing statements from healthcare providers for any unfamiliar services, monitoring financial account statements for suspicious activity, and promptly reporting any suspicious activity to their financial institutions.

Furthermore, CentroMed provided additional guidance on steps individuals could take to protect their information, such as obtaining free credit reports and placing fraud alerts or security freezes on their credit files. They also offered specific instructions for parents or guardians concerned about their child’s information security in light of the breach.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.



Source link