• Dragoon Security Group

Poor Cyber Supply Chain Risk Management Leads to Healthcare Data Breach

2.65 million records of Patient Data belonging to Atrium Health in Charlotte was the bounty of hackers on October 1st. The source of the breach, AccuDoc Solutions is a third-party vendor providing IT services, medical billing, payment, and document processing.


This breach falls in line with previous breaches involving Target and Home Depot, where Non-Public Information was accessed through the organization's supply chain.


This rise in attacks through third-parties has led to a new category in the updated NIST Cyber Security Framework, titled Supply Chain Risk Management. This newly created category entails identifying, assessing, and managing the risks to your organization's data and critical services introduced by third-parties.


To protect yourself, security requirements as part of the RFP and contracting process are imperative, as well as enforcing these requirements to your third-party vendors. While the breach occurred outside of Atrium Health, they were the company listed in the headline.


https://www.bizjournals.com/charlotte/news/2018/11/27/about-2-65m-patients-at-charlottes-atrium-health.amp.html

23 views0 comments

Recent Posts

See All

Small Town But Not Too Small To Fail

After a chaotic summer of coordinated ransomware attacks against municipal governments, resulting in disruption of critical services to citizens, some refreshing news from Rhode Island of a small town

60 Minutes on Ransomware

While I’m glad this issue is gaining national attention, this piece was very defeatist. Companies wouldn’t accept a thief walking in and taking tens of thousands of dollars from the register. Yet beca

 

803-298-4500

Chapin, SC

  • Twitter
  • Facebook
  • Instagram

©2017 by Dragoon Security Group