Health information of patients may be at risk.
Fertility clinics across the United States have been struck by a ransomware attack that has not only encrypted networks, but also stolen patients’ sensitive personal and medical information.
US Fertility, a network of fertility clinics which boasts 55 locations across the United States, has revealed that it became aware ransomware had infected its network on September 14 2020, encrypting data on servers and workstations.
The company says that third-party experts were able to help it restore its systems six days later, but that a subsequent investigation has determined that a “limited number of files” had been accessed by an unknown hacker between August 12 2020, and the activation of the ransomware on September 14.
Such tactics are not unusual in modern ransomware attacks, where criminal gangs increase pressure on their victims by not only locking them out of their organisation’s computer systems by encrypting data, but also stealing sensitive files with the threat of publishing them online or selling them on to others.
The company warned that the security breach might “affect the security of certainindividuals’ protected health information.”
According to US Fertility, the types of data accessed by the attackers included patients’ names, addresses, phone numbers, email addresses, dates of birth, medical record numbers (MPI), and – in some cases – social security numbers.
A list of infertility clinics affected by the attack are listed in US Fertility’s press release.
US Fertility CEO Mark Segal apologised for the security breach occurring, and said that the firm was committed to safeguarding the pr ..
Support the originator by clicking the read the rest link below.
