In yet another cybersecurity incident, Atrium Healthcare announced that they had experienced a data breach exposing some 2.65 million patient records including dates of birth and social security numbers. As of right now, the details of this breach were not available except to say that the breach occurred via a third party service provider known as AccuDoc where an unauthorized threat actor gained access to a database containing the exposed data.
While it’s far too early to describe the details of this breach, if it is like other, similar breaches, it’s likely safe to say that this was the result of a misappropriation of privileged access. That is, threat actors use all sorts of means to gain access to a set of credentials within the target enterprise with the ultimate goal of access the credentials of a privileged account – the accounts that have oftentimes unfettered access to network applications and databases, such as the one allegedly breach at Atrium / AccuDoc.
Organizations which have sensitive data (and really, don’t they all) would be wise to deploy a privileged access management solution which combines a password vault to protect those “keys to the kingdom” alongside session management to ensure only the right people are accessing the systems containing the sensitive data. With the 1 – 2 punch, enterprises can fend off many of the cyber-attacks threatening our valuable and personal data.