Fertility Clinic Reproductive Biology Associates Discloses Data Breach Exposing Patient Information

Fertility Clinic Reproductive Biology Associates Discloses Data Breach Exposing Patient Information


A Georgia-based fertility clinic has disclosed a data breach after files containing sensitive patient information were stolen during a ransomware attack.


Reproductive Biology Associates, LLC, (RBA) is a fertility clinic that recruits egg donors, retrieves eggs, and stores them for later use by recipients, including those using the MyEggBank service.


MyEggBank works with multiple fertility centers around the USA, including RBA, to recruit egg donors and create an egg bank where potential recipients can search for a matching egg donor.


Ransomware gang accessed embryology data


In a data breach notification issued by both RBA and its affiliate MyEggBank, RBA states that they first learned that they were hit by a ransomware attack on April 16th, 2021, when "a file server containing embryology data was encrypted and therefore inaccessible."


However, they believe the attackers first gained access to their systems on April 7th and a server containing health information on April 10th.


When ransomware attacks occur, threat actors usually breach a particular system on the network and spend a few days to a week quietly spreading throughout the network while stealing files and deleting backups.


While RBA does not explicitly state that they paid a ransom, the data breach notification indicates that they had done so to get a decryptor and prevent the release of stolen data.


"In the course of our ongoing investigation of the incident, on June 7, 2021 we determined the individuals whose personal information was affected," says the RBA data breach notification.


"Access to the encrypted files was regained, and we obtained confirmation from the actor that all exposed data was deleted and is no longer in i ..

Support the originator by clicking the read the rest link below.