UPDATED 20:07 EDT / MARCH 13 2023

SECURITY

1M records potentially stolen from medical device and software maker Zoll

Medical device and software maker Zoll Medical Corp. has disclosed that it has suffered a data breach that resulted in the possible theft of records belonging to about a million people.

A division of Asahi Kasei Group Co., Zoll develops and markets medical devices and software that assist in advanced emergency care, while increasing clinical and operational efficiencies. Devices made by the company include cardiac monitoring, oxygen therapy and ventilation.

In a filing March 10 with the Office of the Maine Attorney General, Zoll said it had first detected unusual activity on its internal network on Jan. 28. It then consulted with third-party cybersecurity experts and informed law enforcement, but surprisingly did not cut access to whoever had breached its network until Feb. 2.

The “cybersecurity incident” resulted in the possible theft of data of 1,004,443 people. The data may have included names, addresses, dates of birth and Social Security numbers, and in some cases details about whether the individual has used or was considering using a Zoll product.

Those affected are being offered 24-month identity protection from Experian IdentityWorks, with an investigation into the theft ongoing. The form of attack has not been disclosed. The likely form of attack is ransomware, but no ransomware groups are currently taking responsibility and it could have been a simple breach and data exfiltration.

“Major breaches like this one can have a devastating impact on organizations and users alike,” Stuart Wells, chief technology officer at identity verification solutions company Jumio Corp., told SliconANGLE. “With personal details like names, birth dates and Social Security numbers compromised, one million patients, current and former employees, as well as their families, find themselves at risk of phishing attacks, insurance fraud, identity theft and account takeover attacks.”

Jocelyn Houle, senior director of data governance at unified data control startup Securiti Inc., said the Zoll data breach highlights the active threats and challenges healthcare organizations face in harnessing data while keeping it secure, especially protected health information or PHI.

“Understanding and tracking the PHI data one holds is a priority for all healthcare organizations,” Houle explained. “With the advancements in AI and machine learning techniques, organizations can now leverage automation to accurately discover PHI data at scale no matter where it’s stored.”

Photo: Zoll Medical

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU