DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CSI Laboratories reports a second big breach this year

Posted on October 7, 2022 by Dissent

Georgia-based Cytometry Specialists d/b/a CSI Laboratories (“CSI”) has reported a second big breach this year.

In a press release issued this week, CSI reports that they discovered on July 8 that they had been the victim of a phishing attack that compromised an employee’s email account. The incident was reported to HHS on September 26 as affecting 244,850 patients.

“We believe the access to a single employee mailbox occurred not to access patient information, but rather as part of an effort to commit financial fraud on other entities by redirecting CSI customer health care provider payments to an account posing as CSI using a fictitious email address,” they state.

Whatever the bad actor’s intentions, the investigation revealed that documents with patient data were acquired from an employee mailbox. The files generally included patient name and number, but some files contained more protected health information such as date of birth and health insurance information.

“At this time, we have no facts suggesting that any of the patient information has been used and, in most cases, it will be very difficult, if not impossible, for anyone to further use the patient information that was accessed. Accordingly, we do not believe that you need to take any steps at this time to protect your information,” CSI Laboratories stated.

Not even to check explanation of benefits statements in case there is any attempt to misuse insurance information for medical identity theft?

Their full statement can be found on their website.

This was the second incident CSI Laboratories reported this year.  In March, they disclosed a breach discovered in February. That incident also resulted in the theft of files with patient information.

Their March press release stated, in part, “At this time, CSI has no facts suggesting that any of the information has been further used and in some cases, it will be very difficult, if not impossible, for anyone to further use the information that was accessed.”

As DataBreaches reported:

By the time CSI issued that press release, Conti threat actors had already added CSI to their dedicated leak site. So maybe CSI had no “facts” or hard proof of misuse of data, but the fact that the data was in Conti’s hands should be cause for concern and for people to take steps to protect themselves.

The February incident was reported to HHS as affecting 312,000 patients.

So a mere months after a ransomware incident affecting hundreds of thousands of patients, CSI Laboratories got hit again.  And it makes the same promises now that it made after the first incident:

We continue to closely monitor our network and information systems for unusual activity. We will continue to further improve security across our company networks and protect from unauthorized access or similar criminal activity in the future.

What exactly did CSI Laboratories do before and after the first incident to protect from unauthorized access or similar criminal activity? What are they doing after this second incident to prevent a third?

Category: Breach IncidentsCommentaries and AnalysesHack

Post navigation

← HC3: Abuse of Legitimate Security Tools and Health Sector Cybersecurity
Hacker steals $566 million worth of crypto from Binance Bridge →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.