Cyber Security News

ConnectOnCall Data Breach, 900,000 Customers Data Exposed

 The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and healthcare providers.

The platform, designed to streamline after-hours communications between patients and healthcare providers, discovered the breach in May of this year.

The breach was identified on May 12, 2024, prompting an immediate investigation by the company. Preliminary findings revealed that between February 16, 2024, and May 12, 2024, an unknown third party illicitly accessed the platform and sensitive data within its application.

The exposed data is believed to include patient-provider communications, containing names, phone numbers, medical record numbers, dates of birth, and details related to health conditions, treatments, and prescriptions. In a limited number of cases, Social Security Numbers (SSNs) were also impacted.

2024 MITRE ATT&CK Evaluation Results Released for SMEs & MSPs -> Download Free Guide

Swift Company Response and Investigation

ConnectOnCall promptly secured its systems, taking the platform offline to prevent further data exposure.

The company enlisted external cybersecurity specialists to conduct a comprehensive investigation, identify the extent of the breach, and bolster its security infrastructure to protect against future incidents.

In addition, federal law enforcement was notified, and the company has committed to cooperating fully with authorities.

According to the YahooFinance report, ConnectOnCall has since been implementing a phased restoration of its platform in a more secure environment to ensure the safety of its users going forward.

Notifications and Support for Affected Individuals

As of December 11, 2024, ConnectOnCall began notifying all individuals potentially impacted by the breach via mail, provided their current mailing addresses were available.

For those whose SSNs were involved, the company is offering complimentary identity and credit monitoring services through Kroll, a leading risk consulting and intelligence firm, to help safeguard affected individuals against identity theft and fraud.

ConnectOnCall has urged all users to remain vigilant, monitor their personal information, and report any suspicious activities to their healthcare providers, insurers, or financial institutions.

Although ConnectOnCall has stated that it is unaware of any misuse of the exposed data at this time, the company’s CEO commented: “We are deeply sorry for any inconvenience caused. We are committed to ensuring the safety and trust of all those who rely on ConnectOnCall for critical communication.”

This incident raises fresh concerns about the vulnerability of sensitive healthcare data, underscoring the urgent need for advanced cybersecurity measures across all industries handling personal information.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs

An employee at Elon Musk’s artificial intelligence venture, xAI, inadvertently disclosed a sensitive API key…

36 minutes ago

North Korean Hacker Tries to Infiltrate Kraken Through Job Application

Leading cryptocurrency exchange Kraken has disclosed that it recently thwarted an infiltration attempt by a…

2 hours ago

Multiple Flaws in Tenda RX2 Pro Let Attackers Gain Admin Access

Security researchers have uncovered a series of critical vulnerabilities in the Tenda RX2 Pro Dual-Band…

2 hours ago

Hackers Exploit Email Fields to Launch XSS and SSRF Attacks

Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site scripting…

5 hours ago

Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims

A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a…

5 hours ago

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control

Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the "SonicBoom Attack Chain," which…

6 hours ago