DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CSI Laboratories reports a second big breach this year

Posted on October 7, 2022 by Dissent

Georgia-based Cytometry Specialists d/b/a CSI Laboratories (“CSI”) has reported a second big breach this year.

In a press release issued this week, CSI reports that they discovered on July 8 that they had been the victim of a phishing attack that compromised an employee’s email account. The incident was reported to HHS on September 26 as affecting 244,850 patients.

“We believe the access to a single employee mailbox occurred not to access patient information, but rather as part of an effort to commit financial fraud on other entities by redirecting CSI customer health care provider payments to an account posing as CSI using a fictitious email address,” they state.

Whatever the bad actor’s intentions, the investigation revealed that documents with patient data were acquired from an employee mailbox. The files generally included patient name and number, but some files contained more protected health information such as date of birth and health insurance information.

“At this time, we have no facts suggesting that any of the patient information has been used and, in most cases, it will be very difficult, if not impossible, for anyone to further use the patient information that was accessed. Accordingly, we do not believe that you need to take any steps at this time to protect your information,” CSI Laboratories stated.

Not even to check explanation of benefits statements in case there is any attempt to misuse insurance information for medical identity theft?

Their full statement can be found on their website.

This was the second incident CSI Laboratories reported this year.  In March, they disclosed a breach discovered in February. That incident also resulted in the theft of files with patient information.

Their March press release stated, in part, “At this time, CSI has no facts suggesting that any of the information has been further used and in some cases, it will be very difficult, if not impossible, for anyone to further use the information that was accessed.”

As DataBreaches reported:

By the time CSI issued that press release, Conti threat actors had already added CSI to their dedicated leak site. So maybe CSI had no “facts” or hard proof of misuse of data, but the fact that the data was in Conti’s hands should be cause for concern and for people to take steps to protect themselves.

The February incident was reported to HHS as affecting 312,000 patients.

So a mere months after a ransomware incident affecting hundreds of thousands of patients, CSI Laboratories got hit again.  And it makes the same promises now that it made after the first incident:

We continue to closely monitor our network and information systems for unusual activity. We will continue to further improve security across our company networks and protect from unauthorized access or similar criminal activity in the future.

What exactly did CSI Laboratories do before and after the first incident to protect from unauthorized access or similar criminal activity? What are they doing after this second incident to prevent a third?

Category: Breach IncidentsCommentaries and AnalysesHack

Post navigation

← HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
Hacker steals $566 million worth of crypto from Binance Bridge →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (2)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.