2 Million Individuals Impacted By Shields Health Care Group Cyberattack

June 07, 2022 - Shields Health Care Group reported a healthcare cyberattack to HHS impacting 2 million individuals. The Massachusetts-based healthcare group provides MRI, PET/CT, and ambulatory surgical services to patients across New England at more than 30 locations.

According to a notice on Shields’ website, the organization discovered suspicious activity on its network on March 28, 2022. Shields immediately launched an investigation and took steps to contain the incident.

The investigation revealed that an unknown actor gained access to certain Shields systems from March 7 to March 21. The unknown actor also acquired certain data from the systems.

Full names, Social Security numbers, provider information, diagnoses, billing information, medical record numbers, patient IDs, dates of birth, addresses, and treatment information were involved in the incident.

“Shields takes the confidentiality, privacy, and security of information in our care seriously.  Upon discovery, we took steps to secure our systems, including rebuilding certain systems, and conducted a thorough investigation to confirm the nature and scope of the activity and to determine who may be affected,” Shields stated.

“Additionally, while we have safeguards in place to protect data in our care, we continue to review and further enhance these protections as part of our ongoing commitment to data security.”

Shields provided an extensive list of facility partners that may have been impacted by the incident, including Tufts Medical Center, UMass Memorial, and other New England healthcare facilities.