Marty Stempniak reports:
A Pacific Northwest radiology practice has reportedly worked with the FBI following a recent “data security incident.”
Mt. Baker Imaging and Northwest Radiologists posted a notice of the matter on its website March 26. The Bellingham, Washington-based group said it first noticed the network disruption around Jan. 25, immediately engaging outside forensic specialists to help with the investigation.
“We are currently reviewing the types of information potentially impacted by this event,” the message said. “However, Northwest/MBI has confirmed that a limited amount of protected health information may have been impacted in connection with this event.”
Possible leaked data could include dates of birth, Social Security and driver’s license numbers and diagnosis details. MBI said it has implemented additional security measures in its network and facilities and is reviewing policies and procedures pertaining to data security.
Read more at Radiology Business.
Comment from DataBreaches:
Claims of victims “working with” the FBI are somewhat misleading. No entity has to work with the FBI. They do not even have to report the cyberattack to the FBI. What they do have to do is notify any regulators and people affected, if required by laws or regulations. If entities want people to believe that they are doing everything to help law enforcement catch the criminals, so what if they are? What did they do to prevent the cyberattack? Did they have good data security in place? Did they have systems to detect intrusion?
We don’t need entities telling us that they are “working with the FBI.” We need entities telling us quickly what happened, who was affected, and what they are doing to protect/help those who are affected.