December 7, 2023 at 05:39PM
East River Medical Imaging (ERMI) notified individuals of a data breach after detecting unusual activity in their IT network on September 20. The breach happened between August 31 and September 20, potentially exposing personal and medical information. ERMI is offering credit monitoring and has enhanced cybersecurity in response.
Meeting Takeaways:
1. East River Medical Imaging (ERMI) experienced a data security incident and began notifying affected individuals around the time right before Thanksgiving.
2. ERMI detected suspicious IT network activity on September 20 and subsequently initiated an investigation with the help of third-party cybersecurity professionals and law enforcement.
3. It was determined that threat actors gained unauthorized access to ERMI’s network from August 31 to September 20. During this period, they accessed and possibly copied documents containing personal information.
4. The accessed documents included various types of data such as names, contact details, insurance information, Social Security numbers, details about exams and procedures, imaging results, and physician information.
5. ERMI is providing free credit monitoring services to individuals whose Social Security or driver’s license numbers were compromised.
6. Patients are advised to scrutinize their healthcare statements and report any discrepancies to their health insurer or ERMI.
7. Mohammad Waqas of Armis stated the increasing cybersecurity risks as healthcare organizations expand their online presence, noting the substantial percentage of unmonitored connected assets.
8. ERMI has committed to enhancing their computer systems’ security and data protection by boosting network monitoring capabilities and continuously updating security controls to prevent future breaches.