Sharp HealthCare, an American medical service provider offering healthcare services such as hospital care, rehabilitation services, and home health care, has become the prime target of an unknown threat actor group. The Sharp Healthcare data breach resulted in the theft of some personal information. At the time of writing, Sharp HealthCare has informed its patients about the attack and is currently mitigating the stolen data and its impact.
The group report revealed that the attack was first detected on January 12, 2023. Upon discovering the attack, the medical facility took the potentially affected servers offline and engaged a forensic tech firm to investigate the incident. In its report, Sharp HealthCare discovered that a server was infiltrated for a few hours when suspicious activity was noticed and that the hacker or hackers could have gained access to a file with patient information.
Sharp Healthcare data breach: hackers stole valuable patient data
According to the report shared by the medical facility today, the stolen data contained critical information about the patients. Upon further analyzing the data, Sharp Healthcare found out that the breach did not affect other data sets like Sharp identification numbers and invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
The healthcare provider also emphasized that bank account or credit/payment card information, social security numbers, contact information, health insurance information, dates of birth, clinical information, department name, provider name, and information about the services received were not affected in the breach.
Sharp Healthcare data breach: How Sharp is handling the stolen patient data
The healthcare facility is reaching out to all the affected patients who could become the direct victims of the attack.
However, reports suggest that the stolen data consists of a limited number of patients, especially those who paid their bills online between August 12, 2021, and January 12, 2023. Moreover, the data breach resulted in the theft of 62,777 patient data, reported NBC 7.
Sharp HealthCare has taken swift action to secure its servers and has informed the affected patients about the cyberattack and the information that was stolen.
Sharp HealthCare has taken steps to inform all patients whose data was compromised in a recent cyberattack. The healthcare provider is mailing notifications to affected individuals and has set up a dedicated phone line for those who wish to discuss the breach. The phone line is available Monday through Friday from 6 a.m. to 6 p.m. Pacific Time, can be reached at 833-753-3819.
Sharp emphasized in its notice to patients that the hackers did not access medical records or the FollowMyHealth® patient portal. The company expressed regret for any inconvenience or concern caused by the incident and stated it is committed toward protecting patient information. To prevent similar incidents in the future, Sharp has enhanced the security of its website servers and will continue to monitor its systems for potential vulnerabilities.