Preventing data loss is a concern for almost every organization, regardless of size, especially organizations with sensitive data. Organizations, now more than ever before, rely on voluminous amounts of data to conduct business. When data leakage or a breach occurs, the organization is forced to deal with the negative consequences, such as the high cost associated with data breach fines and remediation and reputational harm to their company and brand.
HCA Healthcare is one of the largest health systems in the United States today. The company has millions of patients and manages data for countless hospitals, private practices, specialty offices, and more. With such a substantial volume of healthcare data contained in one location, the information is vulnerable to attack. That's exactly what happened to HCA Healthcare. The company suffered a data attack that left it with substantial losses.
Among the range of data leak sites monitored by JUMPSEC, our attention has been drawn to a recent variant called “UnSafeLeaks”, due to its distinctively malicious and personalised approach, setting it apart from typical leak sites that focus primarily on explicit financial extortion. Perhaps more remarkably, a number of targeted organisations also appear to have previously been compromised by closely affiliated groups, suggesting the potential re-extortion of victim organisations.
Essen Health Care is a massive healthcare network of facilities and providers throughout New York City, Staten Island, and Westchester County. With more than 300 providers at a range of facilities connected to Essen Health Care, the organization maintains and stores a huge amount of medical and personal data for patients, providers, faculty, and more. All this data is protected by security features, but it was exposed in a recent breach.