A wealth of personal information for nearly 100,000 individuals has been accessed by a former employee of the New York-based NRAD Medical Associates.
The data of around 97,000 current and former patients was compromised when the radiologist accessed and lifted the information without approval. Data included names, addresses, Social Security numbers and insurance information. Sensitive medical codes were also stolen, including those related to procedures.
"There is no indication that any of the breached data has been disclosed to or used by any third parties, and there is no evidence that any patient financial data, such as credit card numbers and banking information, was accessed," according to the news release posted on NRAD's website.
The company has also stated that enhanced security measures have been put into effect. While not offering any credit monitoring services themselves, the company advised patients to contact credit reporting companies.
Continuous data breaches speak to the necessity of using comprehensive security audits to identify whether employees have unnecessary access to systems containing sensitive information. These measures need to move beyond considerations for companies and become necessities as part of ongoing threat prevention.