A cyberattack on Shields Health Care Group could impact 2 million people.
The organization said an unknown person accessed Shields Health Care Group data from March 7 to March 21.
On March 18, Shields said it “had identified and investigated a security alert” but that “data theft was not confirmed at that time.” They have also notified federal law enforcement, according to a statement.
“Further, once we complete the review of the impacted data, we will directly notify impacted individuals where possible so that they may take further steps to help protect their information, should they feel it is appropriate to do so,” the statement read.
Data that could be impacted includes the person’s full name, Social Security number, date of birth, home address, provider information, diagnosis, billing information, insurance number and information, medical record number, patient ID, and other medical or treatment information, according to the statement.
Shields specialists in MRI, PET/CT imaging and ambulatory services in more than 40 locations in Massachusetts and Maine.
“Shields takes the confidentiality, privacy, and security of information in our care seriously. Upon discovery, we took steps to secure our systems, including rebuilding certain systems, and conducted a thorough investigation to confirm the nature and scope of the activity and to determine who may be affected,” the statement read. “Additionally, while we have safeguards in place to protect data in our care, we continue to review and further enhance these protections as part of our ongoing commitment to data security.”
Shields said while there is no evidence of theft, there are still ways to protect information that might’ve been impacted. This includes, monitoring your accounts and placing a “fraud alert” on a credit file.
___
© 2022 Advance Local Media LLC
Distributed by Tribune Content Agency, LLC.
