[BreachExchange] Diabetes device manufacturer notifies 140, 000 patients of phishing attack

Destry Winant destry at riskbasedsecurity.com
Tue Mar 24 10:15:02 EDT 2020


https://www.beckershospitalreview.com/cybersecurity/diabetes-device-manufacturer-notifies-140-000-patients-of-phishing-attack.html

Device manufacturer Tandem Diabetes Care began alerting 140,781
patients that their personal information may have been exposed in a
phishing attack.

In January, Tandem Diabetes Care discovered that an unauthorized
person had gained access to an employee’s email account. After an
investigation, the manufacturer determined that the unauthorized
person had access to a limited number of employee email accounts
between Jan. 17 and Jan. 20.

Patient data stored in the email accounts that may have been exposed
included names, services provided, clinical information and Social
Security numbers.

Since the incident, Tandem Diabetes Care has implemented additional
email security controls and strengthened its user authorization and
authentication process. The manufacturer recommends patients review
any billing statements they receive from healthcare providers.


More information about the BreachExchange mailing list