HealthAlliance, a healthcare facility operator in Hudson Valley, has been penalized $550,000 by the New York State Attorney General for failing to secure the personal and medical data of over 240,000 patients. A vendor-notified vulnerability was left unpatched due to technical issues, resulting in a cyber-attack that compromised patient data. HealthAlliance is now required to fortify its data security measures to prevent future lapses.
"id": "hea000121324",
"linkid": "healthalliance-of-the-hudson-valley",
"type": "Vulnerability",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"