Nuance Communications announces data breach affecting healthcare

Image via Unsplash

St. Luke's Health Systems in Boise, Idaho announced a data breach involving Nuance Communications. Nuance utilizes software made by a third-party company, Progress Software Corporation, to exchange files related to clinical documentation services provided to health systems, including St. Luke’s. The software, MOVEit Transfer, is widely used by organizations to transfer files.

In late May 2023, Progress Software notified Nuance about a previously unknown vulnerability in its software that allowed an unauthorized third party to take information from the MOVEit Transfer software. In August, after gathering all relevant information, Nuance informed St. Luke's about this incident and that some personal health information of approximately 4,679 patients may have been exposed.

Nuance has mailed letters directly to impacted individuals. At this time, there is no evidence to suggest patient information has been misused.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.