back to article Healthcare billing biz AccuDoc 'fesses up to breach that blabbed 2.65m people's data

Miscreants gained access to US healthcare billing vendor AccuDoc Solutions' database for about a week in September, exposing the data of at least 2.65 million people. North Carolina-based Atrium Health, a customer of AccuDoc Solutions, this week said it had been affected by the breach. The firm operates 44 hospitals across …

  1. cbars Bronze badge

    SQL Injection

    Still on top

    1. a_yank_lurker

      Re: SQL Injection

      Too often the breach is caused by not fixing a know problem such as SQL injection or by not patching the code because it is too inconvenient. So a breach is inevitable when a black hat stumbles across them and given some the problems just about barely breathing script kiddie could hack some of these outfits.

  2. hellwig

    2.65m people?

    Let's see, scaling for length of breach, bonus multiplier for SSNs.... that should be a fine of at least $50,000. Boy oh boy, that's gonna show them.

    And that identify protection only lasts for a year (that's all Equifax and Experian each gave me when they were breached). So if I'm a hacker stealing SSNs, wait a year. Most of those SSNs (unlike credit card numbers) will still be valid.

    1. Mark 85

      Re: 2.65m people?

      Surprisingly, even if some of those died during the wait, the SSN would still be valid. SS has some issues with being able to shut down an SSN.

  3. GnuTzu
    Thumb Down

    "We take health care privacy very seriously."

    Insert usual rant about this phrase here. Do they realize this is coming to mean the opposite of what it should?

    1. Pascal Monett Silver badge

      Of course not - it's their first time.

      We, on the other hand, have seen it invoked a thousand times. We know that this is the Band-Aid you put on an open wound. When it's too late.

  4. Anonymous Coward
    Anonymous Coward

    So, that's AccuDoxx now?

    Not good.

  5. Anonymous Coward
    Anonymous Coward

    I have so many "1 year free credit monitoring" offers that I could pass them along to my children and grandchildren and they would never run out - seriously, one of our credit cards is being replaced (for the 4th time in as many years) due to a corporate data breach, and then there are the debit card replacements, and just general company, organization and government technical security incompetence.

    0

  6. Fungus Bob
    FAIL

    "It did not include any financial details or medical records"

    Riiiiiiight...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like