Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

“It demonstrates the need for organizations to have robust auditing controls to quickly identify what data was accessed by attackers during an incident,“

“During this time, the affected individuals could have been targeted by attackers using any specific information stolen in convincing social engineering campaigns. It’s critical that as a part of their larger cybersecurity culture organizations include assessing their ability to quickly understand the scope of a potential breach in risk analysis or tabletop exercises.”

Chris Clements, VP Solutions Architecture
Cerberus Sentinel

Read the full story on ThreatPost

“The breach occurred almost three months ago, yet Kaiser Permanente has only recently notified potentially impacted people that their data may have been compromised,” Clements said. “During this time, the affected individuals could have been targeted by attackers using any specific information stolen in convincing social engineering campaigns. It’s critical that as a part of their larger cybersecurity culture organizations, include assessing their ability to quickly understand the scope of a potential breach in risk analysis or tabletop exercises.”

Chris Clements, VP Solutions Architecture
Cerberus Sentinel

Read the full story on Silicon Angle

“While I applaud Kaiser Permanente for taking the proactive step to notify such a large group of people that their information may have been compromised despite reporting they have no clear evidence that it was, it demonstrates the need for organizations to have robust auditing controls to quickly identify what data was accessed by attackers during an incident.”

Chris Clements, VP Solutions Architecture
Cerberus Sentinel

Read the full story on Cyberwire