ZOLL Medical Corporation
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
ZOLL Medical Corporation, based in Chelmsford, Massachusetts, experienced a significant cybersecurity incident that was characterized as a “sophisticated email phishing attack” targeting a ZOLL employee. The attack, which was disclosed by the company, may have exposed protected health information (PHI) of current and former employees, dependents, and beneficiaries. The types of information potentially compromised included names, addresses, Social Security numbers, PHI, and health insurance information. ZOLL has stated that there is no indication that the information has been misused and is offering free credit monitoring and identity theft protection services to affected individuals. A dedicated call center has been established to assist those impacted by the incident[1].
Additionally, ZOLL Medical is facing litigation from patients affected by a previous data breach that occurred in January, which potentially exposed PHI and other personal information of more than 1 million people. The company has been sued in federal court in Massachusetts over this data breach, and the lawsuit alleges that ZOLL failed to implement and maintain reasonable data security measures to protect sensitive information[7].
The recent data breach was detected on January 28, 2023, and ZOLL began notifying affected individuals by mail on or about March 10, 2023. The breach resulted in unauthorized access to the company’s internal network, exposing employee and patient data, including names, addresses, dates of birth, and Social Security numbers. ZOLL Medical Corporation is a manufacturer of medical devices and software solutions, and the breach has raised concerns about the company’s commitment to data security[3][5][11].
For those affected by the breach, ZOLL Medical has offered two years of Experian’s “Identity Works” credit monitoring and identity theft protection services. The company is also evaluating its cybersecurity education and training measures for employees to prevent future incidents[1][5].
ZOLL Medical Corporation is part of the Asahi Kasei Group and is known for producing medical devices and software solutions that help advance emergency care, including cardiac monitoring, oxygen therapy, resuscitation, and ventilation products[3].
Citations:
- https://www.massdevice.com/zoll-medical-email-phishing-cyberattack-data-breach/
- https://www.opentext.com
- https://milberg.com/news/zoll-data-breach-lawsuit/
- https://www.cbc.ca/news/health/virtual-care-for-profit-patients-data-1.7109278
- https://www.justice4you.com/blog/zoll-medical-corporation-data-breach.html
- https://www.abiomed.com
- https://www.massdevice.com/zoll-faces-lawsuit-over-data-breach/
- https://www.propublica.org/article/oregon-leaders-hampered-drug-decriminalization-effort
- https://www.mddionline.com/regulatory-quality/zoll-suffers-massive-data-breach
- https://www.bayer.com/de/
- https://www.jdsupra.com/legalnews/zoll-medical-corporation-files-notice-8907553/
- https://www.airmethods.com
- https://www.turkestrauss.com/2023/12/19/zoll-medical-corporation-data-breach-investigation-2/
- https://www.inspirahealthnetwork.org
- https://www.idstrong.com/sentinel/zoll-medical-data-breach/
- https://www.servicenow.com