Security News > 2020 > November > Healthcare provider AspenPointe data breach affects 295K patients
U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information and personally identifiable information.
AspenPointe is a nonprofit funded by Medicaid, state, federal, and local government contracts, as well as donations, that manages 12 organizations serving over 50,000 individuals and families every.
AspenPointe also provides those affected by the data breach IDX identity theft protection services including "12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services."
"Since the incident, we have forced password changes, implemented additional endpoint protection, increased monitoring, and implemented firewall changes, among other things," AspenPointe added.
While AspenPointe did not disclose the number of patients affected in this incident, the healthcare provider reported the data breach to the U.S. Department of Health and Human Services on November 19th. The report filed with the HHS says that 295,617 AspenPointe clients had their PHI and PII data stolen by the attackers in this incident.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)