Cyber Security News

ConnectOnCall Data Breach, 900,000 Customers Data Exposed

 The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and healthcare providers.

The platform, designed to streamline after-hours communications between patients and healthcare providers, discovered the breach in May of this year.

The breach was identified on May 12, 2024, prompting an immediate investigation by the company. Preliminary findings revealed that between February 16, 2024, and May 12, 2024, an unknown third party illicitly accessed the platform and sensitive data within its application.

The exposed data is believed to include patient-provider communications, containing names, phone numbers, medical record numbers, dates of birth, and details related to health conditions, treatments, and prescriptions. In a limited number of cases, Social Security Numbers (SSNs) were also impacted.

2024 MITRE ATT&CK Evaluation Results Released for SMEs & MSPs -> Download Free Guide

Swift Company Response and Investigation

ConnectOnCall promptly secured its systems, taking the platform offline to prevent further data exposure.

The company enlisted external cybersecurity specialists to conduct a comprehensive investigation, identify the extent of the breach, and bolster its security infrastructure to protect against future incidents.

In addition, federal law enforcement was notified, and the company has committed to cooperating fully with authorities.

According to the YahooFinance report, ConnectOnCall has since been implementing a phased restoration of its platform in a more secure environment to ensure the safety of its users going forward.

Notifications and Support for Affected Individuals

As of December 11, 2024, ConnectOnCall began notifying all individuals potentially impacted by the breach via mail, provided their current mailing addresses were available.

For those whose SSNs were involved, the company is offering complimentary identity and credit monitoring services through Kroll, a leading risk consulting and intelligence firm, to help safeguard affected individuals against identity theft and fraud.

ConnectOnCall has urged all users to remain vigilant, monitor their personal information, and report any suspicious activities to their healthcare providers, insurers, or financial institutions.

Although ConnectOnCall has stated that it is unaware of any misuse of the exposed data at this time, the company’s CEO commented: “We are deeply sorry for any inconvenience caused. We are committed to ensuring the safety and trust of all those who rely on ConnectOnCall for critical communication.”

This incident raises fresh concerns about the vulnerability of sensitive healthcare data, underscoring the urgent need for advanced cybersecurity measures across all industries handling personal information.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on…

5 hours ago

Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage

Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI)…

5 hours ago

Critical Vulnerability in Netwrix Password Manager Enables Authenticated Remote Code Execution

A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used enterprise…

5 hours ago

Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware

Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in…

6 hours ago

Researchers Warn of ‘Smiao Network’ Cyber Threat Against Taiwan’s Federal Staff

The Foundation for Defense of Democracies (FDD) and cybersecurity firm TeamT5 has exposed an intricate…

7 hours ago

Vidar and StealC Malware Delivered Through Viral TikTok Videos by Hackers

A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous…

7 hours ago