Daily Inter Lake reports:
Glacier Medical Associates announced Tuesday the medical practice detected and stopped a data security breach that occurred April 7.
According to a press release, Glacier Medical Associates immediately engaged third-party forensic specialists to assist with securing the network environment and investigate the extent of any unauthorized activity. The investigation concluded May 10.
“GMA has found no evidence that specific individuals’ information has been misused,” the release noted. “However, due to the compromise of GMA’s network, GMA has notified all potentially affected individuals of this incident.”
Read more on Daily Inter Lake. DataBreaches.net has not found the press release online yet or on their web site, but notes that the news site reports what seems like unfortunate advice on incident response:
Glacier Medical Associates Practice Administrator Kelli Meuchel said the medical practice’s legal counsel has advised the business not to divulge the number of patients potentially affected
GMA will be divulging the number to HHS and state regulators. This just makes them look like they have something to hide instead of being transparent. In this blogger’s opinion, entities should really get ahead of the story by getting the facts out when they can control the presentation. When news sites have to publish a second story or update when the facts do come out, it just keeps the entity in the news cycle instead of being a 15-minute story.