Clinical Review Vendor Reports Data Breach

Jan 12, 2022 10:00 pm Cyber Security 158

Clinical Review Vendor Reports Data Breach

A cyber-attack on the Medical Review Institute of America (MRIoA) may have exposed the personal data of 134,571 individuals.



MRIoA, which is based in Salt Lake City, Utah, said it was "the victim of a sophisticated cyber incident" discovered on November 9, 2021, that resulted in a threat actor’s gaining unauthorized access to its network and exfiltrating data.



MRIoA, which provides clinical reviews and virtual medical opinions, said attackers broke into its computer system by exploiting an alleged vulnerability in a product made by SonicWall. 



Information affected by the incident may have included first and last name, gender, home address, phone number, email address, date of birth and Social Security number; clinical information, such as medical history/diagnosis/treatment, dates of service, lab test results, prescription information, provider name, and medical account number; and financial information, including health insurance policy and group plan number, group plan provider, and claim information.



In a breach report filed with the Maine attorney general, MRIoA stated that it had "retrieved and subsequently confirmed the deletion" of the information exfiltrated in the attack.



A list of 31 MRIoA clients whose were affected by the cyber-attack was included in the breach report. 



Featured on the list are Horizon Blue Cross Blue Shield of New Jersey, five different branches of Blue Cross and Blue Shield, and the University of Arkansas Medical Benefit Plan.



MRIoA said it is taking steps to beef up its cybersecurity posture. ..

Support the originator by clicking the read the rest link below.

clinical review vendor reports breach
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!