CareSouth Carolina based in Hartsville, SC has informed 76,035 patients regarding the likely exposure of some of their protected health information (PHI) because of a ransomware attack on Netgain Technologies, its IT service provider.
Netgain advised CareSouth Carolina on January 14, 2021 that it had encountered a ransomware attack in December 2020, and the hackers got access to its servers comprising patient information from late November, a few of which was exfiltrated before the usage of ransomware.
On April 13, 2021, Netgain gave CareSouth Carolina a copy of the records that were likely exposed. CareSouth Carolina performed an analysis of the information and on April 27, 2021 affirmed that the dataset contained patient names, addresses, birth dates, diagnoses/ conditions, laboratory results, prescription drugs, and other clinical data. For a few patients, Social Security numbers were likewise included.
The threat actors gave Netgain a ransom demand and threatened to offer for sale the stolen information when there’s no payment. Netgain decided to pay the ransom demand and acquired guarantees that the stolen files were erased and hadn’t been further exposed.
Since the breach, Netgain and CareSouth have executed more security procedures to stop any recurring attacks, and CareSouth is giving impacted patients free identity theft protection services.
13,813 People Affected by Community Access Unlimited Ransomware Attack
Community Access Unlimited located in Elizabeth, NJ has commenced informing 13,813 individuals that their PHI was kept on systems that were viewed by unauthorized people.
On November 10, 2020, Community Access Unlimited discovered suspicious actions in its internal systems. The provider quickly took offline its systems, and third-party forensics professionals were called in to identify the nature and extent of the breach.
The investigation showed that unauthorized people accessed its systems between June 29, 2020 and November 12, 2020, yet it wasn’t possible to ascertain if the hackers accessed or exfiltrated any patient records.
An evaluation of the breached systems showed this information may probably have been viewed or acquired: Names, birth dates, state identification card numbers, non-resident identification numbers, driver’s license numbers health details, medical insurance beneficiary numbers, as well as usernames and passwords.
Guidelines and procedures have since been assessed and improved to cut down the possibilities for more attacks. Impacted persons were now alerted and free credit monitoring and identity restoration services were given to likely affected people.