A Missouri-based eyecare clinic, Mattax Neu Prater Eye Center, had recently reported a data breach incident that impacted exactly 92,361 individuals. According to the security researchers, the actual hacking incident happened last December, but the eyecare clinic only announced it in the last week of June this year.
From the statement released by Mattax Neu Prater, they stressed that an unauthorised threat actor might have accessed their third-party networks and infiltrated the massive amount of personal databases of a fraction of their patients.
Reports explained that the data breach incident began on a third-party electronic medical records platform, myCare Integrity, wherein unknown malicious operators had infiltrated to steal and delete sensitive databases and system configuration files.
The owner of the myCare Integrity platform, Eye Care Leaders, stated that their incident response team had immediately worked on the issue to block the unauthorised access and probe the situation. Eye Care Leaders also added that the incident involved their entire network environment, thus stressing that it was not only specific to Mattax Neu Prater.
Despite having no proof of a specific attack on Mattax Neu Prater, the eyecare clinic had still notified their clients to be cautious against potential fraudulent attacks.
The affected individuals of about 92,361 cover the entire network environment of the third-party platform myCare Integrity across the US, adding that the Mattax Neu Prater eyecare clinic is not required to perform critical preventive measures for now. There is also no evidence that patient records specific to the eyecare clinic were compromised.
Nonetheless, Eye Care Leaders still underline that the adversaries may use the personally identifiable information (PII) of impacted individuals for malicious intentions such as further hacking activities, identity theft, and other harmful cyberattacks.
Hence, the affected people and patients of the eyecare clinic are advised to monitor their online activities closely and avoid interacting with suspicious actors that could be scheming to compromise their security. Clicking on links or files attached to emails is also strongly discouraged.
