According to a statement from the University of Tennessee Hospital, one infringement has affected about 235.000 people.
The Medical Center is one more victim of the attack carried out against him Blackbaud in May 2020, affecting thousands of people data around the world.
Blackbaud is a software provider that provides support and management tools for fundraising purposes and is used by charities and other organizations worldwide.
The owners of Blackbaud paid the ransom they were asked for and as they claim hackers have deleted the data they stole. Yet organizations around the world are still counting their wounds from attack.
The University of Tennessee Medical Center found that his clients had fallen victim to Blackbaud's July 16 violation. About 234.954 people have been informed about the incident.
Information such as patient names, contact information and demographics data may have been violated as a result of the incident, the medical center said.
A statement "Blackbaud specifically informed us that the criminal did NOT have access to credit card information, bank account information or social security numbers."
Victims will be informed through e-mail, said the Medical Center. It also said it was "examining all relevant business practices regarding Blackbaud data security".
"Blackbaud said it quickly identified her vulnerability "It simply came to our notice then and took immediate action to rectify the situation," he said in a statement.
The Tennessee Medical Center incident is a reminder of the dangers of choosing third-party vendors for a company's customer data.
Ο Joseph Carson, its head of security Thycotic, told the Daily Swig: "It is important to conduct an impact and risk assessment on any software a company decides to use, such as what data is collected, what security checks have been performed, data integrity and the availability of strong backups and data resilience. . »
"Although it is important to know that not all third party software is the same. "Some have security enabled, while others offer very basic security controls that are disabled."
Source: en.secnews.gr
