ZOLL Medical Corporation

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

ZOLL Medical Corporation, based in Chelmsford, Massachusetts, experienced a significant cybersecurity incident that was characterized as a “sophisticated email phishing attack” targeting a ZOLL employee. The attack, which was disclosed by the company, may have exposed protected health information (PHI) of current and former employees, dependents, and beneficiaries. The types of information potentially compromised included names, addresses, Social Security numbers, PHI, and health insurance information. ZOLL has stated that there is no indication that the information has been misused and is offering free credit monitoring and identity theft protection services to affected individuals. A dedicated call center has been established to assist those impacted by the incident[1].

Additionally, ZOLL Medical is facing litigation from patients affected by a previous data breach that occurred in January, which potentially exposed PHI and other personal information of more than 1 million people. The company has been sued in federal court in Massachusetts over this data breach, and the lawsuit alleges that ZOLL failed to implement and maintain reasonable data security measures to protect sensitive information[7].

The recent data breach was detected on January 28, 2023, and ZOLL began notifying affected individuals by mail on or about March 10, 2023. The breach resulted in unauthorized access to the company’s internal network, exposing employee and patient data, including names, addresses, dates of birth, and Social Security numbers. ZOLL Medical Corporation is a manufacturer of medical devices and software solutions, and the breach has raised concerns about the company’s commitment to data security[3][5][11].

For those affected by the breach, ZOLL Medical has offered two years of Experian’s “Identity Works” credit monitoring and identity theft protection services. The company is also evaluating its cybersecurity education and training measures for employees to prevent future incidents[1][5].

ZOLL Medical Corporation is part of the Asahi Kasei Group and is known for producing medical devices and software solutions that help advance emergency care, including cardiac monitoring, oxygen therapy, resuscitation, and ventilation products[3].

Citations:

  1. https://www.massdevice.com/zoll-medical-email-phishing-cyberattack-data-breach/
  2. https://www.opentext.com
  3. https://milberg.com/news/zoll-data-breach-lawsuit/
  4. https://www.cbc.ca/news/health/virtual-care-for-profit-patients-data-1.7109278
  5. https://www.justice4you.com/blog/zoll-medical-corporation-data-breach.html
  6. https://www.abiomed.com
  7. https://www.massdevice.com/zoll-faces-lawsuit-over-data-breach/
  8. https://www.propublica.org/article/oregon-leaders-hampered-drug-decriminalization-effort
  9. https://www.mddionline.com/regulatory-quality/zoll-suffers-massive-data-breach
  10. https://www.bayer.com/de/
  11. https://www.jdsupra.com/legalnews/zoll-medical-corporation-files-notice-8907553/
  12. https://www.airmethods.com
  13. https://www.turkestrauss.com/2023/12/19/zoll-medical-corporation-data-breach-investigation-2/
  14. https://www.inspirahealthnetwork.org
  15. https://www.idstrong.com/sentinel/zoll-medical-data-breach/
  16. https://www.servicenow.com
Breach Submission Date Dec 18, 2023
Converted Entity Name ZOLL Medical Corporation
Converted Entity Type Health Plan
State MA
Individuals Affected 8,898
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes