Phreesia’s ConnectOnCall software has suffered a data breach, exposing the personal and health information of over 900,000 individuals. Between February and May 2023, an unknown third party infiltrated the data, compromising medical records, names, phone numbers, and some social security numbers. The healthcare software is offline and under investigation. Though no misuse of data has yet been found, the company has offered identity and credit monitoring services to those with exposed social security numbers.
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted
