A giant data breach affecting 170 hospitals and healthcare centers across the US exposed confidential health information of hundreds of thousands of patients, multiple organizations have revealed. The attack, which took place on April 6, targeted Elekta, a Swedish developer whose software powers the linear accelerators used in radiation therapy.
In a statement in April, the company said that their "first-generation cloud-based storage system has experienced a data security incident." That cloud-based storage system is what doctors rely on, inputting data to help the machines be programmed for each individual patient.
Information potentially exposed in the attack includes social security numbers, dates of birth, diagnosis, and treatment information. For some, such as Massachusetts' SouthCoast Health, this is the second vendor breach in the past year.
When compared to the same period in 2020, the US Department of Health and Human Services has reported a 153% increase in incidents causing patient information to be exposed.