Cyber Incident Victim: Comstar LLC
Date:
May 2022
Location:
United States of America
Summary
A series of data breaches impacted multiple healthcare providers in the US, with Eye Care Leaders, an EHR vendor, identified as a common link in several eye clinic breaches. The incident compromised the data of thousands of individuals, with a total impact across all breaches exceeding 300,000 records. Eye Care Leaders was identified as the threat actor, and the breaches affected the confidentiality of patient data. The incident highlighted the vulnerability of healthcare organizations, emphasizing the need for robust cybersecurity measures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
A series of data breaches targeting healthcare providers in the United States came to light in early May 2022, underscoring the growing frequency of cyberattacks in the healthcare sector. The incidents, though varied in nature, shared a common thread, with many linked to a data security breach involving Eye Care Leaders, a prominent EHR vendor. The impact of these breaches extended across multiple states, affecting a significant number of individuals and exposing sensitive healthcare information.
One of the earliest reported incidents involved Burman & Zuckerbrod Ophthalmology Associates in Michigan, where the records of 1,337 individuals were compromised. This was soon followed by a breach at Fishman Vision in California, impacting 2,646 patients. Associated Ophthalmologists of Kansas City in Missouri also fell victim, with a breach affecting 13,461 individuals. These incidents, reported on June 1, set the tone for a string of cyberattacks on eye care providers.
AU Health in Georgia faced a breach affecting 50,631 individuals, with both electronic medical records (EMRs) and other sensitive data compromised. Shoreline Eye Group in Connecticut experienced a breach impacting 57,047 patients, while Sylvester Eye Care in Oklahoma had a breach exposing the data of 19,377 individuals. Finkelstein Eye Associates in Illinois encountered a breach affecting 48,587 patients, involving both EMRs and network servers.
The scope of these attacks extended beyond ophthalmology practices. North Lakes Pain Consultants in Texas experienced a breach impacting 8,620 individuals, stored on their network server. Fred Hutchinson Cancer Center in Washington reported a breach affecting 500 individuals' email accounts. Moyes Eye Center in Missouri had a breach exposing the records of 38,000 patients. The Multiple Sclerosis Center of Atlanta encountered a breach impacting 2,820 individuals' email accounts.
Homestead Hospice & Palliative Care in Georgia experienced a breach affecting 28,332 individuals, involving email accounts and a laptop. Oswego County Opportunities in New York had a breach impacting 7,766 individuals' email data. OE Enterprise in North Carolina reported a breach affecting 4,075 individuals' email accounts. The Bryan County Ambulance Authority in Oklahoma experienced a breach exposing the data of 14,273 individuals stored on their network server.
Allaire Healthcare Group in New Jersey, providing long-term care services, experienced a breach impacting 13,148 individuals' email data. Northern Rockies Orthopaedics in Montana had a breach affecting 6,701 patients' email accounts. Genetics & IVF Institute in Virginia and Summit Healthcare Association in Arizona both encountered breaches involving their network servers, impacting 606 and 1,403 individuals, respectively.
RiverKids Pediatric Home Health in Texas experienced a breach affecting 3,494 individuals' email accounts. McKenzie Health System in Michigan had a breach exposing the data of 25,318 individuals stored on their network server. NuLife Med, a durable medical equipment supplier in New Hampshire, experienced a significant breach impacting 81,244 individuals. The Oklahoma City Indian Clinic, serving the Native American community, encountered a breach affecting 38,239 individuals.
Mindpath Care Centers in North Carolina and Mississippi Sports Medicine and Orthopaedic Center both reported breaches impacting around 500 individuals. North Alabama Bone & Joint Clinic experienced a breach affecting 500 individuals, involving email and network servers. Wagner Heights Nursing and Rehabilitation Center in California had a breach impacting 4,676 individuals' email accounts. WellDyneRx, a pharmacy benefits manager in Florida, experienced a breach affecting 5,122 individuals.
Greater Nashua Mental Health in New Hampshire and Vail Health Services in Colorado both encountered breaches involving their network servers, impacting 1,085 and 17,039 individuals, respectively. Thompson Child & Family Focus in North Carolina and Kenosha Community Health Center in Wisconsin reported email breaches, affecting 986 and 2,688 individuals. FPS Medical Center in Arizona experienced a significant breach impacting 28,024 individuals.
While the full scope and impact of these breaches continue to be assessed, the common thread of Eye Care Leaders as a potential source of vulnerability has raised concerns. The exact nature of the breach at Eye Care Leaders and its role in these incidents requires further investigation. However, these events underscore the critical importance of robust cybersecurity measures and vendor risk management in the healthcare industry. Protecting sensitive patient information and ensuring the resilience of healthcare systems against cyber threats remains a pressing challenge and a key area of focus for organizations and regulators alike.