Healthcare data intermediary Datavant disclosed a significant data breach resulting from a phishing attack in early May 2024. The breach exposed highly sensitive personal information belonging to over 11,000 individuals, including minors, highlighting the persistent threat of email phishing in the digital age.
Datavant confirmed the breach in a notification letter submitted to authorities and impacted users. According to the company, the incident stemmed from a phishing campaign targeting multiple Datavant users.
While the company identified and stopped the intrusion on the same day, further investigations revealed the extent of the beach, reports Cybernews.
Between May 8 and May 9, 2024, unauthorised individuals accessed data stored in a single user’s email mailbox. This access included a trove of sensitive information such as names, addresses, contact details, Social Security numbers, financial account information, government-issued IDs (driver’s licenses and passports) and health-related data.
“We promptly began investigating this incident with the assistance of a respected forensic security provider. That investigation concluded on or about August 8, 2024, and determined that an unauthorised individual(s) gained access between May 9, 2024, and May 9, 2024, to certain Datavant data contained in a single user’s mailbox,” Datavant wrote in the notice of data breach.
A particularly troubling aspect of the breach is that minors were among those affected. Such exposure heightens the risk of identity theft and fraud for the impacted individuals and underscores vulnerabilities in protecting healthcare information within digital ecosystems.
“After a review of the affected mailbox, we ultimately determined that your minor’s information may have been impacted,” Datavant said.
The stolen data could enable malicious actors to perpetrate a range of cybercrime, including:
- Targeted phishing attack: Using exposed information to craft convincing scams.
- Identity fraud: Exploiting personal data to open fraudulent accounts or access financial resources.
- Medical identity theft: Submitting false claims to Medicare or other insurers using compromised health information.
The company asserts that its core systems and data storage were not compromised. It has implemented enhanced security measures, including reinforcing technical safeguards and rolling out phishing awareness training for employees.
Healthcare is one of the most targeted sectors by cybercriminals because medical data contains sensitive personal details about patients, including their financial information and insurance details. Last month, a data breach in France exposed the records of more than 750,000 patients.
In October 2024, a Change Healthcare data breach exposed the medical data of more than a hundred million American citizens. In August, Kootenai Health suffered a ransomware attack affecting over 460,000 users.
In the News: More than 25 Facebook pages linked to election meddling in Romania