Telehealth software provider ConnectOnCall is in the process of notifying over 900,000 patients that their information was compromised in an attack earlier this year.
ConnectOnCall provides telehealth and after-hours answering services with built-in features that help providers log and track patient data. According to the reporting, the company is aware of a breach of its systems that occurred between February and May of 2024. After discovering the breach in mid-May, the parent company, Phreesia, contacted federal law enforcement, contracted outside experts for assistance, and took the ConnectOnCall software offline. Phreesia has since been relaunching the platform in a more secure environment. Phreesia offers several patient-centric SaaS (software as a service) tools but assures consumers in its statement that there is no indication that its other platforms were impacted.
The important detail to note as you read this article is that the breach persisted for 3 months... 3 months. There are a few questions which are fair to ask.
Was this a privileged access issue? Lost credentials? Human error?
No?
If not human error, which part of the security stack failed, and for how long, to enable this persistent threat?
How often are you auditing these systems using an independent third party to ensure transparency?
Just thoughts...
Not casting stones, just wondering...