RMcKinley Christian Health Care Services (RMCHCS) in Gallup, NM submitted a report regarding a ransomware attack in February 2021 that resulted in patient data exfiltration.
The attack in February conducted by the Conti ransomware gang had involved the theft of a variety of sensitive data, consisting of job application information, background check records, employee reports, and protected health information (PHI) of patients. A part of the breached files was posted to the Conti data leak portal to pressure the healthcare company to give the ransom payment. The stolen data is no longer posted on the leak site now, nevertheless, it is unclear whether or not RMCHCS paid the ransom demand.
RMCHCS learned on February 16, 2021 about the theft of patient information by a ransomware group. RMCHSC engaged a third-party computer forensics firm to investigate the incident and the exfiltration of information by the attackers between January 21 and February 5, 2021 was confirmed. An evaluation of the data files likely accessed by the threat actors was completed on April 30, 2021, after which, RMCHCS sent notification letters to the impacted individuals.
RMCHCS explained that the attackers may have accessed these data: names, birth dates, telephone numbers, email addresses, addresses, dates of service, driver’s license numbers, password numbers, tribal ID numbers, Social Security numbers, health insurance details, medical record numbers, names of healthcare providers, diagnoses, treatment information, prescribed medicine details, financial account information, and billing and claims details. The types of information likely breached differed from person to person.
RMCHCS provided the individuals affected by the breach with complimentary identity monitoring and restoration services and has taken appropriate measures to reinforce its systems against further cyberattacks and enhanced security and monitoring.
The breach had affected 209,280 individuals.