Cybercriminals selling stolen sensitive data on dark web. Over 280,000 patients now at permanent risk of identity theft.
In June 2023, a cyber incident affected the internal patient portal of Longhorn Imaging. Upon learning of this incident, Longhorn Imaging claims it acted to fortify its digital infrastructure and initiated a data breach investigation.
This inquiry unveiled that unidentified individual(s) had gained access to its servers and possibly retrieved specific health-related details from the portal. By August 30, 2023, it became clear to Longhorn Imaging that the incident might have compromised patient data. Attempting to reduce the chances of a similar incident in the future, Longhorn Imaging claims that immediately after uncovering the data breach, it put in place added protective measures to bolster the security of their network systems. Longhorn Imaging also has stated that they informed federal law enforcement of the data breach.
Stolen patient data posted to dark web.
The notorious hacker group SiegedSec claimed that they were able to successfully infiltrate the company’s systems and exfiltrate more than 280,000 patient records. In a Twitter (X) post, Daily Dark Web, a threat intelligence service that monitors illicit activities on the internet, shared the details of the Longhorn cyber attack.
The post included a link to a data leak, suggesting that the compromised patient records from the Longhorn data breach have been stored and made available for unauthorized access.
What information was stolen?
The information stolen reportedly includes a vast range of highly sensitive and confidential information such as –
- full names of physicians and patients
- patient treatment details
- dates of birth
- treatment dates
- institution names
- various other details pertaining to patient healthcare
The type of information stolen makes the victims a prime target for cyber criminals and fraudsters seeking to engage in identity theft, financial fraud, and extortion.
How could this happen?
The U.S. healthcare industry has repeatedly been targeted by cyber criminals – a fact well known throughout the community. Despite these attacks, healthcare officials have been slow to implement security standard frameworks required by the Health Insurance Portability and Accountability Act (HIPAA).
Failure to implement the required security standards allows cyber criminals to gain access to these systems.
What is Longhorn Imaging doing to protect my identity?
At the time of writing, Longhorn Imaging does not appear to be offering credit monitoring and/or identity theft protection service to affected individuals.
Join the Longhorn Imaging class action
If you believe you are a victim of the Longhorn Imaging data breach, and would like to understand your legal rights and/or participate in a class action, please fill out the form below and and a data breach lawyer will contact you. There is no cost to you and no obligation.