top of page
Writer's pictureDragoon Security Group

Poor Cyber Supply Chain Risk Management Leads to Healthcare Data Breach

2.65 million records of Patient Data belonging to Atrium Health in Charlotte was the bounty of hackers on October 1st. The source of the breach, AccuDoc Solutions is a third-party vendor providing IT services, medical billing, payment, and document processing.


This breach falls in line with previous breaches involving Target and Home Depot, where Non-Public Information was accessed through the organization's supply chain.


This rise in attacks through third-parties has led to a new category in the updated NIST Cyber Security Framework, titled Supply Chain Risk Management. This newly created category entails identifying, assessing, and managing the risks to your organization's data and critical services introduced by third-parties.


To protect yourself, security requirements as part of the RFP and contracting process are imperative, as well as enforcing these requirements to your third-party vendors. While the breach occurred outside of Atrium Health, they were the company listed in the headline.


https://www.bizjournals.com/charlotte/news/2018/11/27/about-2-65m-patients-at-charlottes-atrium-health.amp.html

53 views0 comments

Recent Posts

See All

60 Minutes on Ransomware

While I’m glad this issue is gaining national attention, this piece was very defeatist. Companies wouldn’t accept a thief walking in and...

Comments


Post: Blog2_Post
bottom of page