Hackers attempted to lift patient information over a weeklong period from Sept. 22-29. The data was stored in a third-party system provided by AccuDoc Solutions Inc., which provides billing services to Atrium and about 50 other hospitals and health-care systems.
Commenting on the news is Javvad Malik, security advocate at AlienVault:
“It’s encouraging to see the forensic examination concluded that although the data was viewed, it was unavailable for download or exfiltrate the data. However, better detection controls could have prevented the attackers from going undetected in the system for over a week.
The incident serves as a reminder that companies and providers across all verticals are attractive targets and no company should consider itself ‘too small’ or uninteresting to be a target.”