Even if you take your online security very seriously, your personal data and your financial information could end up in the hands of hackers thanks to a data breach. This is especially true now as hackers keep going after healthcare providers, as they hold vast troves of valuable data.
As reported by BleepingComputer, the latest company in this industry to fall victim to a cyberattack is Pennsylvania-based Healthcare Services Group (HSGI), which has begun sending out data breach notification letters to impacted individuals. In total, 624,000 people are affected by this major healthcare data breach, which took place last year.
At the end of September 2024, hackers managed to gain access to HSGI’s network, but it wasn’t until October 7th that the company discovered something was amiss. The company then conducted an internal investigation to reveal what types of data were exposed during this period.
Here’s everything you need to know about this new data breach, along with how to see if you’re affected and some tips and tricks to stay safe from hackers following a security incident like this one.
Compromised data
Although hackers gained unauthorized access to its network in the fall of last year, it has taken roughly ten months for HSGI to determine whether or not the files stolen during the attack contained sensitive information and how many individuals are impacted.
In a sample data breach notification letter (PDF) shared with the Vermont Attorney General, the company provided further insights into the nature of the attack and its response to it. HSGI also revealed that the following personal and financial data may have been exposed as a result:
- Full names
- Social Security numbers
- Driver’s license numbers
- State identification numbers
- Financial account information
- Account access credentials
It’s worth noting that the exposed information varies from individual to individual. So while one person’s full name and account credentials may have been exposed, another person might have also had their Social Security number compromised.
How to stay safe after a data breach
Given that HSGI provides dining, housekeeping and laundry services to hospitals and healthcare facilities across 48 states in the U.S., there’s a chance that you may be impacted even if you’ve never heard of the company before. For this reason, you’re going to want to keep a close eye on your mailbox since data breach notification letters are sent the old-fashioned way instead of over email.
If you do get a letter in regard to this breach at HSGI, it will explain exactly what types of your personal or financial data were exposed. Likewise, as the company is providing free access to one of the best identity theft protection services, there will be a code you can use to activate your new subscription. It’s unclear if impacted individuals will get 12 months or two years of credit monitoring and identity restoration from Experian based on the sample letter, but I’d suggest taking them up on this offer regardless.
At this time, there’s no evidence that any of this stolen data has been misuse,d but you’re still going to want to be extra careful both in real life and online. This is because hackers could use this stolen data to launch targeted phishing attacks, to commit fraud or to steal your identity if your Social Security number was exposed. As such, you want to be extra vigilant when checking your inbox since hackers may use some of this stolen info to trick you into giving them even more. They could also try to infect your devices with malware, so you don’t want to download any attachments or click on links in emails from unknown senders and especially those that use a sense of urgency to get you to do something.
To protect yourself from malware and other threats online, you should be using the best antivirus software on your PC, the best Mac antivirus software on your Apple computer or one of the best Android antivirus apps on your Android phone. There’s no iOS equivalent to the latter, but Intego’s Mac antivirus software can scan an iPhone or iPad for malware when connected to a Mac via USB.
I highly doubt this is the last data breach we’ll see at a company in the healthcare industry, as hackers have launched a string of attacks against them over the last year. Unfortunately, though, there’s not really much you can do to keep your data safe when it’s in the hands of a company. However, while you can't control a company's security, you have the power to take immediate action to protect yourself once a breach is reported.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
More from Tom's Guide
- Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
- Google wants to fight Android malware by making sideloading more difficult — here's how
- Two-factor authentication provides an easy way to secure your accounts — here's how it works and how to enable it
