Kevin Collier has a follow-up on the Rehoboth McKinley Christian Health Care cyberattack first reported by DataBreaches.net on February 16.
From Collier’s reporting, it seems that those impacted by the breach have yet to be notified. As I’ve advocated many, many times: when PII or PHI are publicly dumped by criminals, taking 60 days to make a notification is unreasonable: people need to be alerted promptly so they can immediately take steps to protect themselves.
The Rehoboth breach is not on HHS’s public breach tool as of the time of this reporting.
You can read Collier’s report on the incident on NBC.