A data breach at a Georgia cancer testing laboratory affecting the information of nearly 245,000 individuals is the second time within six months the lab reported to federal regulators a hacking breach affecting hundreds of thousands of individuals.
A spokeswoman for Cytometry Specialists, which does business as CSI Laboratories, says this most recent event is unrelated to a March hacking incident that affected the data of 312,000 individuals.
Back-to-back cybersecurity incidents are likely regardless to grab the attention of federal regulators.
“When an entity has more than one breach within a short period of time, it is likely that the regulator’s investigations of these breaches will be consolidated and this will increase scrutiny on the entity,” says privacy attorney Adam Greene of the law firm Davis Wright Tremaine.
CSI says in a notification statement that its recent phishing incident, discovered in July, involved an attempt by hackers to commit payment fraud as well as the acquisition of files containing patient information.
CSI reported the phishing incident on Sept. 26 to the U.S. Department of Health and Human Services’ Office for Civil Rights as affecting 244,850 individuals.
