Elysium's Joe Calandrino Suggests Possible Reason for Hospital Data Theft

Security & Privacy

In the News

August 19, 2014

Community Health Systems, one of the biggest hospital groups in the United States, was recently targeted in a massive cyberattack that resulted in stolen Social Security numbers, patient names and addresses, and other personal information. The hospital group said that the security breach may have led to the theft of 4.5 million patients' data. According to CNET, this breach "is the largest known attack to involve hospital patient information since the US government began tracking these types of data breaches in 2009."

Elysium expert Joseph Calandrino noted to CNET that "[o]ne possible goal of this attack is to facilitate future targeted attacks. The type of data that was stolen from the hospital system is often used to verify a person's identify. The exposure of this data creates a risk that the hackers could leverage it to gain access to other accounts and information."

Joe is part of Elysium's Security & Privacy practice group. The group has experience working with companies in the aftermath of data breaches. Elysium consults with these companies to help identify remaining gaps in security and to offer guidance on building more robust systems in the future.