Continuum reveals hack exposed 377K Consensus Medical Group patients


Continuum, a health management and patient care coordination services provider, has disclosed that attackers accessed personal details and medical data.

According to information Continuum submitted to the Maine Attorney General, over 377,000 individuals were exposed in the attack.

“We are in possession of your information because we are a provider of health management and patient care coordination services to healthcare organizations and health insurers that work with Consensus Medical Group,” Continuum’s breach notification letter reads.

The company said the attack occurred on October 18th, with threat actors penetrating Continuum’s systems and accessing files with patient data. The attackers accessed a trove of sensitive information, such as:

Exposing personal medical data poses severe risks for affected individuals as attackers could use the information for identity theft, financial fraud, targeted phishing attacks, blackmail, and potentially compromise patients’ medical histories and personal information.

Individual healthcare data can be sold on dark web forums. For example, malicious actors can use medical details for medical identity theft, a type of fraud where threat actors use stolen information to submit forged claims to health insurers.

To alleviate the potential risks to affected individuals, Continuum said it will complementarity credit and identity theft monitoring services.