North Mississippi Health Services (NMHS) has been impacted by a data breach related to MOVEit, a software system widely used in the financial sector. The breach occurred at Cadence Bank, a company that provides treasury management services to NMHS.
The data breach, reported by NMHS on October 27, 2023, in a notice posted on its website, has led to a significant release of consumers’ sensitive information. The information that may have been exposed in the breach includes names, addresses, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, and medical information, including treatment records.
This is a reminder for both legal professionals and corporate executives about the rising cybersecurity threats that companies face today. With more businesses becoming increasingly reliant on third-party service providers, there is a need to reassess and strengthen data protection protocols and ensure that these partners adhere to the same standards.
For businesses and law firms, third-party risk management is crucial and should include stringent cybersecurity assessments of all partner firms, data access limitations, and regular audits of security measures.
As NMHS and Cadence Bank navigate the complexities intertwined with this data breach, legal professionals will continue to play a crucial role in addressing the legal and regulatory implications and in guiding the response plan to mitigate damage to customers and the organization.