A ransomware attack on Tenx Systems, a company providing software for assisted living communities, impacted over 60 facilities that utilize the software program.
Also known as ResiDex Software, Tenx Systems stated the attack happened on April 9, 2019 and impacted its server infrastructure.
Immediately, the servers were moved to a different hosting provider and files from backup were effortlessly restored on the same day of the attack. Tenx Systems did not pay any ransom.
A forensic team investigated the incident to find out if the attackers accessed any files or performed other malicious actions. The investigation showed that the first compromise of the servers occurred on April 2, 2019, which is 7 days before the ransomware was deployed.
Although the attackers may be aiming to extort through file encryption, it is likely that the attackers were able to access some information including names, Social Security numbers, and medical information stored in the ResiDex system.
It was impossible to ascertain which, if any, information were accessed without authorization because of the the nature of the attack and the actions the attackers did to cover up their activities.
Tenx Systems is sending notifications to all affected persons, which include those from Massachusetts, Missouri, Minnesota and Tennessee. There is no report yet regarding the number of persons affected by the breach and the HHS’ Office for Civil Rights Breach Portal has not posted this incident.
Prescription Data of 78,000 U.S. Patients Exposed On the Web
vpnMentor security researchers discovered that the patient prescription data of over 78,000 U.S. patients were freely accessible online. The patients affected use the prescription drug Vascepa, a drug for lowering triglycerides for people who are on low-fat and low-cholesterol diets.
The unprotected MongoDB database allowed the viewing of the following data without authentication: names, addresses, email addresses, phone numbers, pharmacy data, prescribing physician, NPI number, NABP E-profile number, and other personally identifiable information.
The patient prescription data seemed to be from the firm, PSKW. PSKW uses a service called ConnectiveRX to provide patient and provider messaging, co-pay, and assistance programs for medical care companies.
vpnMentor already reported the breach to PSKW. However, it is not yet clear who owns the database.