Data Security, Risk Assessments/Management, Threat Management, Security Strategy, Plan, Budget

Illinois health firm breach compromises 500K individuals

Nearly 500,000 people had their personal data compromised as a result of a data breach at Illinois-based medical practice Christie Business Holdings Company, or Christie Clinic, last year, SecurityWeek reports. Christie Clinic had one business email account targeted by a threat actor between July 14 and August 19, 2021. The attacker may have accessed individuals' names, addresses, Social Security numbers, and medical and health insurance information. However, the health services provider's other systems, patient portal, and electronic medical records were not impacted by the intrusion, according to Christie Clinic. "The investigation indicated that the purpose of the unauthorized access was to intercept a business transaction between Christie Clinic and a third party vendor. This investigation was unable to determine to what extent email messages in the account were actually viewed or accessed by an unauthorized actor," Christie Clinic said in a breach notification posted on its website. Additional network security solutions, as well as data privacy and security training have already been implemented following the incident.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.