The Wolves Got Into the Medicine Cabinet and Now They Know Your Business

Oh good. Another breach. Another Tuesday.

I have been awake since yesterday morning, I have seventeen open tickets, and now I have to explain to the flock why a telehealth company let coyotes waltz through their pasture and steal the most aggressively personal health records imaginable.

For those who missed it, threat actors breached Hims, the telehealth brand that discreetly ships little blue pills and hair regrowth serums to lambs who are too embarrassed to talk to an actual doctor. The wolves got in, and now they potentially know exactly which members of the flock are bald, overweight, and, let's say, "struggling with certain livestock-related confidence issues."

I want to be clear about the severity here. This is not "your email was exposed" data. This is "your most humiliating medical secrets are now in a spreadsheet somewhere" data. Protected Health Information, PHI, is a different category of nightmare. We are talking names, conditions, medications, possibly payment details. The kind of information that makes a targeted lure extremely convincing.

And that is the real play here. The wolves do not just sit on this data. They use it. Imagine getting a very personalized fake grain email that says "Hey, we noticed you ordered a certain product, click here to update your prescription." Half the flock would click it immediately, no hesitation, full gallop into the trap.

The Shepherds at Hims have not exactly been forthcoming about the full scope of how the fence got a hole in it. Big surprise. Management never wants to talk about the hole until the whole field is on fire.

What I can tell you is that any flock member who used this service should be on high alert for suspicious follow-up contact, because the wolves now have a very detailed map of your vulnerabilities. Both kinds.


Remediation

Look, I am tired, but here is what you actually do:

If you are a Hims customer: Watch your inbox like a hawk. Any email referencing your health history, your orders, or your "account" should be treated as fake grain until proven otherwise. Do not click. Do not call numbers in the email. Go directly to the official site.
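To make the "treat it as fake grain until proven otherwise" rule concrete, here is an added example (my code, not anything from the post or from Hims) that applies the checks above to a constructed sample message: does the sender domain and every link actually resolve to the official domain, does a host merely contain the brand name as a lookalike, and is there the usual time-pressure language. The official domains and brand token are assumptions for illustration; the sample email is made up.

```python
import re
from urllib.parse import urlparse

# Assumed official domains for the vendor. These are an assumption for this
# example, not something taken from the breach report.
OFFICIAL_DOMAINS = {"hims.com", "forhims.com"}
BRAND_TOKENS = {"hims"}

# Constructed sample message (not a real email) in the shape the post warns
# about: references an order, spoofs the brand, and pushes a link.
SAMPLE_EMAIL = """\
From: "Hims Support" <support@hims-accounts.co>
Subject: Action required on your recent prescription order

We noticed a problem with your last order. Please confirm your details
within 24 hours at http://hims.com.account-verify.net/login or your
prescription will be cancelled.
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")
FROM_RE = re.compile(r"^From:.*?<([^>]+)>", re.MULTILINE)
URGENCY_RE = re.compile(
    r"within \d+ hours|will be cancelled|immediately|suspended", re.I
)


def registrable_domain(host: str) -> str:
    # Crude eTLD+1 (last two labels). A production tool should use the
    # public suffix list; this is enough to show the check.
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def is_official(host: str) -> bool:
    return registrable_domain(host) in OFFICIAL_DOMAINS


def brand_lookalike(host: str) -> bool:
    # The brand name appears in a host that is NOT the official domain, e.g.
    # "hims.com.attacker.example" or "hims-accounts.co". That is the classic
    # trick for making a link look legitimate at a glance.
    h = host.lower()
    return (not is_official(h)) and any(tok in h for tok in BRAND_TOKENS)


def analyze_email(text: str) -> dict:
    """Return a verdict plus the concrete reasons, so a reader can see
    exactly which part of the message tripped the check."""
    reasons = []

    m = FROM_RE.search(text)
    sender_host = m.group(1).rsplit("@", 1)[-1] if m else ""
    if sender_host and not is_official(sender_host):
        reasons.append(f"sender domain is not official: {sender_host}")
        if brand_lookalike(sender_host):
            reasons.append(f"sender domain imitates the brand: {sender_host}")

    for url in URL_RE.findall(text):
        host = urlparse(url).hostname or ""
        if not is_official(host):
            reasons.append(f"link points off-brand: {url}")
            if brand_lookalike(host):
                reasons.append(f"link host imitates the brand: {host}")

    if URGENCY_RE.search(text):
        reasons.append("urgency/pressure language present")

    return {"suspicious": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    for reason in analyze_email(SAMPLE_EMAIL)["reasons"]:
        print("-", reason)
```

The point of the lookalike check is the one the post makes: a lure that knows your order history does not need a clumsy link, it needs one that reads as "hims.com" to a tired eye. Comparing the registrable domain rather than the displayed text is what catches "hims.com.account-verify.net". None of this replaces the simplest rule, which is to ignore the link and type the official site yourself.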

Enable MFA everywhere. Yes, even there.

Monitor your credit and health records. PHI breaches can enable medical identity theft, which is a uniquely horrible experience that I would not wish on anyone except maybe the wolves.

If you are a telehealth company: Apply your ointment. Regularly. Your Sky Pasture configurations are not going to patch themselves, and clearly someone left a gate open.

Stay paranoid out there, the flock never learns.


Original Report: https://www.darkreading.com/cyberattacks-data-breaches/hims-breach-exposes-sensitive-phi