In March 2015, the US cancer care provider announced that a data breach had exposed 2.2 million patients' data based across all 50 states and internationally.
The company said that hackers broke into a company database in October 2014 and accessed the personal information of patients, including names, Social Security numbers, physician names, diagnosis, treatment data and insurance information. The company said it had "no indication that the information has been misused in any way".
The company filed for bankruptcy in May of 2017. In December 2017, the company agreed to a $2.3 million fine, issued by the HHS’ Office for Civil Rights, which was covered by their cyber insurance cover.
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.
We've done the analysis so you can make the decisions