"MedStar Health and DocGo Reveal Data Breaches"

Two US healthcare providers have recently announced serious cybersecurity incidents in which patient information was accessed. DocGo provides mobile medical services and transportation in 26 states and the UK. The firm revealed that it recently identified unauthorized activity on its network. According to DocGo, as part of its investigation, it was determined that the threat actor accessed and acquired data, including certain protected health information, from a limited number of healthcare records within the company’s US-based ambulance transportation business and that no other business lines have been involved. The firm didn’t disclose how many patients the breach may have affected. Separately, Maryland-headquartered not-for-profit MedStar Health revealed in a filing to the US Department of Health and Human Services Office for Civil Rights that it was breached recently.  MedStar Health said that it discovered that an outside party had accessed emails and files associated with three MedStar Health employee email accounts. The unauthorized access occurred intermittently between January 25, 2023, and October 18, 2023. After an investigation, it was determined that patient information was included in the emails and files that were accessed. Among the patient information likely to have been accessed were names, mailing addresses, dates of birth, dates of service, provider names, and/or health insurance information.

Infosecurity Magazine reports: "MedStar Health and DocGo Reveal Data Breaches"