Random Image Display on Page Reload

Maxicare Healthcare Corporation notifies members of data breach

1876058b-60b5-4096-a8b6-804423268a85.jpg
Deep Web Konek, an advocacy group that alerts internet users about the latest hacks and breaches, shared the screenshot above. The image shows Maxicare Healthcare Corporation alerting members to a potential data breach, urging vigilance and promising enhanced cybersecurity measures.

Maxicare HealthCare Corporation has formally notified its members regarding a potential data breach that may have compromised personal and medical information. The breach was detected on June 13, 2024, when unauthorized access to the information systems was discovered.

The compromised data was submitted to Lab@Home, a third-party laboratory service used by Maxicare members for at-home laboratory requests. Lab@Home operates a separate database that is not integrated with Maxicare’s systems.

Maxicare has reassured its members that no immediate action is required on their part and that the company is actively taking steps to minimize any further risk. An investigation into the full scope of the breach is ongoing, and Maxicare has committed to providing updates as more information becomes available.

This incident comes amidst a series of cyberattacks targeting various organizations in the Philippines, including the Philippine National Police Firearms and Explosive Office (PNP-FEO), the Department of Science and Technology (DOST), the Maritime Industry Authority (MARINA), and major companies such as Toyota Motor Philippines and Robinsons Land Corp. Maxicare has already informed the National Privacy Commission (NPC) about the breach. The NPC is expected to take action to ensure the protection of personal data.

Jeffrey Ian C. Dy, the DICT Undersecretary for Infostructure Management, Cybersecurity, and Upskilling, informed the Manila Bulletin that the initial report from NCERT indicates that the data leak started when a threat actor stumbled upon the login credentials of Maxicare’s third-party service provider on the internet. This actor then exploited these credentials to gain unauthorized access to the system and downloaded the available data.

Undersecretary Dy emphasized that they are in active coordination with the NPC and are ready to extend their assistance to Maxicare if necessary.

Undersecretary Dy issued a stern reminder to all organizations in light of this incident. He urged them to adopt either passwordless authentication mechanisms, such as biometric authentication, or to implement multi-factor authentication. This is a crucial step in preventing similar incidents in the future.

Furthermore, he stressed that all public and private organizations must exercise stringent control over their outsourcing partners. They are responsible for ensuring that these partners also adhere to robust cybersecurity measures. This is not just a recommendation but a necessity in today’s digital age.

Maxicare urges its members to remain vigilant and report any suspicious activity related to their personal information. The company has also vowed to enhance its cybersecurity measures to prevent future incidents.

*****
Credit belongs to : www.mb.com.ph

Check Also

Break the monotony with the Olive Green Redmi Note 13 Pro 5G

It is always exciting to see fresh takes on smartphone design, a welcome change from …