DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

ZOLL Medical notifying 1,004,443 patients of data breach — HIPAA

Posted on March 11, 2023 by Dissent

A number of large recent breaches have involved trackers or analytics, but not all large breaches these days involve trackers. ZOLL Medical is notifying 1,004,443 patients whose protected health information (PHI) may have been compromised in a recent data security incident that didn’t involve pixels or trackers at all.

According to ZOLL’s notification, the Massachusetts-headquartered firm’s security team first detected unusual activity on their internal network on January 28. They responded promptly to mitigate the incident and investigate it with the help of third-party cybersecurity experts.

The investigation indicated that PHI may have been affected on or about February 2, 2023.

Their notification, a copy of which was seen by DataBreaches, does not indicate whether malware had been deployed and whether there was any ransom demand. DataBreaches sent an email inquiry to ZOLL seeking clarification as to whether there was any encryption involved, whether data was exfiltrated, and whether there was any ransom demand or note. No reply was immediately provided.

The types of PHI involved included patients’ addresses, dates of birth, and Social Security numbers. ZOLL’s notification letter stated, “It may also be inferred that you used or were considered for use of a ZOLL product.”

In a statement provided to BusinessWire, however, ZOLL was a bit more specific, writing that the PHI “may have included some individuals’ names, addresses, dates of birth, some Social Security numbers and information that may allow one to infer that the individual used or was considered for use of the ZOLL LifeVest® wearable cardioverter defibrillator (WCD).”

ZOLL is offering those affected complimentary access to Experian IdentityWorksSM for 24 months. They say they have no indication of any misuse of the patients’ information.

As of publication, no ransomware group appears to be claiming any responsibility for this incident. This post will be updated when ZOLL responds to direct questions about whether ransomware and/or any ransom demand was involved.

Related Posts:

  • ZOLL notifying 277,319 patients of vendor data…
  • Breach Lawsuit Spotlights Complex Vendor Issues
  • Wearable fitness trackers tested for data leakage…
  • Community Health Network notifies patients of meta…
  • Beaver Medical Group notifying patients whose…

Post navigation

← Weekend update: Non-US hospitals hit by cyberattacks
Wilkes-Barre Career and Technical Center averts catastrophe from cyberattack →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Update: Cardiovascular Consultants Ltd. ransomware attack reportedly affected 500,000 patients, guarantors, and staff
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net