Data Breach at Texas Benefits Recovery Firm

Data Breach at Texas Benefits Recovery Firm

The personal data of over a quarter of a million people has been exposed following a malicious hack perpetrated against a Texas billing and collection company.





Houston-based company Benefit Recovery Specialists, Inc. (BRSI) discovered a data breach had occurred after detecting the installation of malware on its systems. 





The malware may have allowed unauthorized individuals to view and obtain the personal and protected health information (PHI) of 274,837 people. 





BRSI provides billing and collection services to certain healthcare providers and payers. The data exposed by the attack included the private and personal information of current or former members of these plans or healthcare providers.





In a data breach notice, BRSI said that the types of personal information impacted by the cybersecurity incident “may include name, date of birth, date of service, provider name, policy identification number, procedure code and/or diagnosis code.”





The company added that the Social Security numbers of “a small number of individuals” may also have been exposed.





An internal investigation was launched after the malware was discovered by BRSI on April 30 2020. Forensic specialists were hired to uncover how the attack was carried out and to determine how far the attackers managed to penetrate company systems.





Investigators found that an unauthorized individual had gained access to the company’s systems using stolen employee credentials. After entering the network, the attacker installed malware.





Exactly what malware was installed by the bad actor was not stated in the breach notice published by BRSI on its ..

Support the originator by clicking the read the rest link below.