Face Verification
Address Verification
Document Verification
Age Verification
Video KYC
Fast ID
eIDV
NFC Verification
Consent Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
Behavioural Biometrics
Device Fingerprinting
MFA
AML Screening
Business AML Screening
User Risk Assessment
Transaction Screening
Adverse Media Screening
Identity Verification
KYC
KYB
KYI
Bonus Abuse
Fraud Prevention
Banking
Crypto
Fintech
Forex
Gaming
Gig Economy
Marketplace
Social Networks
Product Managers
Compliance Officers
Fraud Analyst
Global Trust Platform
Journey Builder
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
Blind Spot Audit
Deepfake Detection
Liveness Spoofs
Document Originality
Document Deepfake
Events & Webinar
Podcast Studio
Spotlight Studio
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Compliance
Supported Document
About
Career
Press Release
Certifications
Partnership
Awards
13K Affected in Third-Party Data Breach at Anthem MaineHealth
A third-party service provider accessed the database of Anthem MaineHealth and obtained patients’ files with their perosnal data, leaving more than 13k people vulnerable to security risks.
Anthem MaineHealth disclosed a third-party data breach that impacted 13,406 people. The company heard about a person offering to make data available that was stolen from Choice Health, one of AMH Health’s vendors.
Through investigation, it was revealed that a third-party service provider made a single Choice Health database accessible on the internet through a technical security configuration.
On May 7, 2022, the database was accessed in which an unauthorised party obtained certain files. According to the official filing of Anthem MaineHealth, personal health information (PHI) has been taken in the third-party data breach, including name, Medicare ID number, email address, health plan carrier and social security number. The same third-party breach affected 22,767 individuals at Humana.
According to the statement of a Choice Health notice regarding the data breach, “Upon learning of the incident, Choice Health worked with their third-party service provider to reconfigure the security settings on the database.”
Further, it added, “The database is no longer accessible through the Internet. Choice Health has also taken steps to enhance their data security measures to prevent the occurrence of a similar event in the future, including requiring multi-factor authentication for all access to database files.”
WellMed, a physician-led healthcare company, started notifying patients regarding a data security incident involving the theft of patients’ medical records.
It came to the organisation’s notice that a physician obtained some medical records of patients for pursuing them for his new clinic.
“The unauthorised removal of WellMed patient medical records is a violation of federal HIPAA regulations, state privacy statutes, as well as WellMed’s internal policies and employment agreements,” the notice said.
Impacting around 10,500 individuals, the data breach occurred between February 6 to May 17, 2022. Sensitive PHI, including health insurance data, demographic information and medical information, was included in the stolen patient records.
WellMed said that securing patients’ confidential data is a crucial priority, and they took immediate action to investigate the problem.
“As part of its investigation, WellMed identified the medical records, confirmed the information was secure, caused the return or deletion of the information from the physician, and stopped further unauthorised outreach to patients based on the use of the information. We have also recovered all the information”, mentioned the report.
Suggested Read: Chinese Watchdog Taking Action Against Many in the Massive Bank Fraud
