Cyber Incident Victim: Riverside Medical Group
Date: Aug 2022
Location: United States of America
Summary
Riverside Medical Group experienced a cybersecurity breach involving unauthorized access to a legacy server storing immunization records, potentially compromising personal and protected health information of 12,499 patients. Exposed data included names, contact details, birthdates, gender, immunization history, provider and health plan information, and limited Social Security numbers, though no evidence of data misuse was found. The incident was contained to the single server without affecting other systems, and the organization implemented enhanced security measures following detection.
Description
On August 3, 2022, Riverside Medical Group, an adult medical practice serving Northern New Jersey, detected unauthorized access to a legacy server located at its West Orange clinic. The compromised server had been used by a provider to store patient immunization records, and investigators confirmed no other systems within the medical group's network were affected by this breach. Forensic analysis revealed that attackers potentially viewed or obtained files containing protected health information (PHI) during the intrusion. The subsequent review of server contents identified records belonging to 12,499 patients that were exposed in the incident.

The exposed data included patient names, dates of birth, addresses, gender information, phone numbers, email addresses, immunization records, immunization dates, provider details, and health plan information. A limited subset of records also contained Social Security numbers. Riverside Medical Group stated it found no evidence of actual or attempted misuse of the compromised information following the breach discovery. The organization secured the affected server, conducted a comprehensive review of the exposed files, and arranged breach notifications to all impacted individuals. Credit monitoring services were offered to patients whose Social Security numbers were potentially accessed. Riverside Medical Group implemented undisclosed security enhancements to prevent recurrence but did not specify whether law enforcement was notified or whether the legacy server was permanently decommissioned following the incident.
