Third-party data breach exposes info of Alabama hospital job applicants

Huntsville Hospital in Alabama announced that the personal data of job applicants may have been compromised after a security incident at the recruitment platform they collaborate with. Social Security numbers of thousands of people may have been leaked online. Detailed information has not been released, but applicants that may have fallen victim are contacted and offered identity protection services.

Huntsville Hospital released a statement on Thursday reading:

“Regrettably, we’ve learned that Jobscience, Inc., the vendor which we’ve used for online employment application services since 2006, had a data breach which may have involved information from individuals who applied for jobs at Huntsville Hospital. Because of this, notification letters are being sent to the affected persons.

“Although we have no indication that any information has been misused in any way, out of an abundance of caution, we are offering identity theft protection to those job applicants whose Social Security Number may have been compromised.

The hospital no longer uses the services of Jobscience.”

2018 has seen some major breaches in the healthcare sector. Motivated by financial gain, hackers have so far launched aggressive attacks on three hospitals in Massachusetts, countless ransomware attacks, and they compromised patient records through phishing attacks. Third-party vendors, as in the case of Huntsville Hospital, are turning into a key challenge because third-party risks have been neglected for far too long, even though they come with many associated risks.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Luana Pascu. Read the original post at: