ECL Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In December 2021, Eye Care Leaders (ECL), a provider of electronic health record and practice management services, experienced a significant data breach due to a ransomware attack. The incident led to a class action lawsuit, with ECL agreeing to a settlement of over $4 million to resolve claims related to the breach.
How many accounts were compromised?
The breach impacted data related to approximately 1.3 million individuals, with a total of 1,987,925 patients included in the breached data so far.
What data was leaked?
The data exposed in the breach included names, driver's licenses, emails, genders, dates of birth, medical record numbers, health insurance details, appointment information, Social Security numbers, and medical data tied to services received at the TTUHSC ophthalmology center.
How was ECL hacked?
Hackers gained access to Eye Care Leaders' electronic medical record platform, compromising the data of approximately 1.29 million patients. During their time in the system, the attackers deleted databases and system configuration files. The exact methods used by the hackers and the full extent of the breach remain unclear.
ECL's solution
In response to the hack, Eye Care Leaders took action by shutting down their electronic health record platform and launching an investigation. While the exact security measures implemented by ECL remain unclear, they have been working to address the breach and its consequences. Affected patients and physicians have been offered a settlement as part of a class action lawsuit, with patients eligible for reimbursement of data breach-related expenses and physicians receiving a share of the settlement fund.
How do I know if I was affected?
It is not clear whether Eye Care Leaders reached out to affected users. However, if you believe you may have been affected by the breach and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the appropriate parties.
For more specific help and instructions related to ECL's data breach, please contact ECL's Customer Support directly.
Where can I go to learn more?
If you want to find more information on the ECL data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
ECL Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In December 2021, Eye Care Leaders (ECL), a provider of electronic health record and practice management services, experienced a significant data breach due to a ransomware attack. The incident led to a class action lawsuit, with ECL agreeing to a settlement of over $4 million to resolve claims related to the breach.
How many accounts were compromised?
The breach impacted data related to approximately 1.3 million individuals, with a total of 1,987,925 patients included in the breached data so far.
What data was leaked?
The data exposed in the breach included names, driver's licenses, emails, genders, dates of birth, medical record numbers, health insurance details, appointment information, Social Security numbers, and medical data tied to services received at the TTUHSC ophthalmology center.
How was ECL hacked?
Hackers gained access to Eye Care Leaders' electronic medical record platform, compromising the data of approximately 1.29 million patients. During their time in the system, the attackers deleted databases and system configuration files. The exact methods used by the hackers and the full extent of the breach remain unclear.
ECL's solution
In response to the hack, Eye Care Leaders took action by shutting down their electronic health record platform and launching an investigation. While the exact security measures implemented by ECL remain unclear, they have been working to address the breach and its consequences. Affected patients and physicians have been offered a settlement as part of a class action lawsuit, with patients eligible for reimbursement of data breach-related expenses and physicians receiving a share of the settlement fund.
How do I know if I was affected?
It is not clear whether Eye Care Leaders reached out to affected users. However, if you believe you may have been affected by the breach and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the appropriate parties.
For more specific help and instructions related to ECL's data breach, please contact ECL's Customer Support directly.
Where can I go to learn more?
If you want to find more information on the ECL data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
ECL Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In December 2021, Eye Care Leaders (ECL), a provider of electronic health record and practice management services, experienced a significant data breach due to a ransomware attack. The incident led to a class action lawsuit, with ECL agreeing to a settlement of over $4 million to resolve claims related to the breach.
How many accounts were compromised?
The breach impacted data related to approximately 1.3 million individuals, with a total of 1,987,925 patients included in the breached data so far.
What data was leaked?
The data exposed in the breach included names, driver's licenses, emails, genders, dates of birth, medical record numbers, health insurance details, appointment information, Social Security numbers, and medical data tied to services received at the TTUHSC ophthalmology center.
How was ECL hacked?
Hackers gained access to Eye Care Leaders' electronic medical record platform, compromising the data of approximately 1.29 million patients. During their time in the system, the attackers deleted databases and system configuration files. The exact methods used by the hackers and the full extent of the breach remain unclear.
ECL's solution
In response to the hack, Eye Care Leaders took action by shutting down their electronic health record platform and launching an investigation. While the exact security measures implemented by ECL remain unclear, they have been working to address the breach and its consequences. Affected patients and physicians have been offered a settlement as part of a class action lawsuit, with patients eligible for reimbursement of data breach-related expenses and physicians receiving a share of the settlement fund.
How do I know if I was affected?
It is not clear whether Eye Care Leaders reached out to affected users. However, if you believe you may have been affected by the breach and haven't received a notification, you can visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the appropriate parties.
For more specific help and instructions related to ECL's data breach, please contact ECL's Customer Support directly.
Where can I go to learn more?
If you want to find more information on the ECL data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions