ConnectOnCall breach impacts over 900,000 individuals
Kirsten Peremore Dec 19, 2024 6:32:55 AM
The ConnectOnCall data breach occurred between February 16, 2024, and May 12, 2024. The breach exposed the protected health information (PHI) of 914,138 patients.
What happened
ConnectOnCall, a telehealth platform and after-hours on-call answering service acquired by Phreesia in October 2023, discovered a breach on May 12, 2024. The breach involved unauthorized access to communication between patients and healthcare providers. After its discovery, Phreesia took the ConnectOnCall platform offline. Law enforcement and external cybersecurity specialists secured the environment and assessed the damage.
What was said
According to ConnectOnCall, “ConnectOnCall engaged external cybersecurity specialists to determine the full nature and scope of the incident, identify any impacted information, and help it enhance its security controls to mitigate the risk of future security incidents.”
Why it matters
The breach was a hacking incident that persisted over three months. This prolonged unauthorized access resulted in large volumes of PHI being exposed to potential threat actors. At this point, there is no further information relating to ransomware or the source of the attack, but there is still the ever-present risk of the information being leveraged by the hackers for financial gain from either ConnectOnCall or the patients affected. There is also the risk of extensive PHI being sold on the dark web, where it can be used for fraudulent transactions and identity theft.
FAQs
What are mitigation strategies?
Mitigation strategies are proactive measures, such as strong encryption and access controls, taken to reduce the risk of data breaches and minimize their impact on healthcare organizations.
When do healthcare organizations face penalties for data breaches?
Healthcare organizations face penalties for data breaches when they fail to comply with HIPAA.
Why are healthcare organizations like ConnectOnCall commonly targeted by hackers?
They are targeted as a result of the value of PHI to hackers. From ransoms to cyberterrorism, there are a vast number of ways the stolen data can be used.