512,000 Radiology patients' data stolen
- Rajesh Kanungo
- Jun 21, 2024
Executive Summary
Consulting Radiologists LTD. (“CRL”) reported that cybercriminals may have stolen the data of roughly 512,000 patients.
This theft was impactful because Patient Health Information (PHI) was stolen; PHI is very sensitive and hard to change.
The data may have been breached multiple times, as at least two groups, LockBit and Qilin, both claimed in April to have stolen CRL's data.
CRL is offering the usual credit monitoring services, but they have no remedy for stolen PHI.
Reference: https://regmedia.co.uk/2024/06/20/consulting_radiologists_february_2024_data_breach_notification.pdf
The CRL Incident
On February 12, 2024, CRL detected suspicious activity in its network environment. Upon discovery of this incident, CRL promptly took steps to secure its network and engaged a specialized cybersecurity firm to investigate the nature and scope of the incident. As a result of the investigation, CRL learned that an unauthorized actor accessed certain files and data stored within its network.
The CRL Response
CRL's security consultants investigated the breach and identified which patients' information was compromised.
The compromised information is:
name, address, date of birth, Social Security number, health insurance information, and medical information.
Remedies
CRL offers one year of credit monitoring services at no cost, which is by now irrelevant, at https://bfs.cyberscout.com/activate
Conclusions
No remedy is offered for the leakage of personal health information.
It is not clear what security practices were implemented that led to all the data being stored in an identifiable format or whether de-identification rules were followed.
The data may have been breached multiple times, as at least two groups, LockBit and Qilin, both claimed in April to have stolen CRL's data.
There may have been a dearth of monitoring tools, as two different groups stole data.
It is not clear if radiological data was also stolen.