July 17, 2023
Intellihartx (ITx), a Tennessee-based payment and collections service provider, previously announced a massive ransomware attack affecting 489,830 individuals. The firm allegedly mishandled third-party risk in a recent hack involving its file transfer software vendor, Fortra. Hackers stole the protected health information of almost half a million individuals, as stated in the notice ITx filed with the Maine attorney general’s office on June 8, 2023.
Intellihartx Hacking and Extortion Attack: 490,000 Individuals Affected
On June 21, 2023, plaintiff Lauren Perrone filed a lawsuit against Intellihartx in an Ohio federal court on behalf of the 489,830 individuals affected by the data security breach. According to Perrone, Intellihartx did not oversee the collection of sensitive personal information by its business associates, vendors, and suppliers.
The Clop ransomware group exploited a zero-day vulnerability in Fortra’s two file-sharing services, GoAnywhere MFT and MOVEit. The attacks on these two services allegedly compromised the protected health information of around 130 companies in late January and early February 2023. Clop uses ransomware to encrypt files, but these attacks involved only data theft and extortion. The attackers threatened to release their victims’ stolen data if the victims did not pay the ransom.
Investigation and Notification Process: Intellihartx’s Response
After confirming the attack on February 2, Intellihartx conducted an investigation to identify the scope of the breach. On March 24, the preliminary results showed that sensitive data had been stolen. However, it was only on April 11 that ITx started notifying the affected individuals. From May 10 to May 19 of this year, the firm conducted a comprehensive review of the affected files, which identified that PHI was compromised.
According to the findings, Clop successfully exfiltrated sensitive patient data, including names, addresses, birth dates, Social Security numbers, diagnoses, medications, insurance, and billing information. Intellihartx strengthened its file transfer platform and implemented additional security measures to resolve the hacking incident. The Tennessee-based firm also offered affected individuals complimentary access to credit monitoring services.
Petaluma Health Center’s Cyber Incident
The Petaluma Health Center in California recently notified its previous and current patients about unauthorized third-party access to a substantial amount of protected health information of 124,862 individuals. On March 14, 2023, the California-based medical provider detected and blocked the network security incident. However, it did not disclose further information on the nature of the incident, so it was unclear whether the attack was due to ransomware. There was also no evidence of theft or patient data misuse.
According to PHC, the cyberattack gained access from payroll and human resources. The incident allegedly exposed names, addresses, birth dates, Social Security numbers, health insurance plans, and medical records. However, the extent of the breach is still unknown.
In response, PHC is now improving its security measures to prevent data breaches from happening again. The California-based medical provider is also reviewing its physical and technical safeguards. It also offered the affected individuals complimentary single-bureau credit monitoring services.
North Shore Medical Labs Files Notice of Data Privacy Incident
North Shore Medical Labs, a New York-based clinical reference laboratory, detected a data security breach. The hacking incident exposed an array of protected health information. The May 12, 2023 investigation also affirmed that a malicious actor had accessed specific NSML data. Following the incident discovery, the lab immediately notified the affected individuals and told them their files had been stolen.
According to the findings, an unauthorized third party stole the names, birth dates, and medical laboratory results of 500 patients. The first incident started on December 19, 2022, and lasted until March 31, 2023. Meanwhile, the lab performed a forensic investigation, which showed that the unauthorized third party started copying the sensitive data between March 17 and March 31.
North Shore Medical Labs is now reviewing its security measures and monitoring tools. It is also working closely with the staff and vendors to mitigate data privacy risks. The Office for Civil Rights (OCR) will conduct another investigation to determine the data breach’s full extent.
Ensuring Robust Defense Against Emerging Threats
Today’s healthcare landscape faces emerging challenges, including the increasing number of cybersecurity breaches. Poor security measures can leave organizations and businesses vulnerable to cyberattacks, putting sensitive health data at risk of compromise. These incidents serve as a wake-up call for the healthcare industry to prioritize investing in robust cybersecurity.
Now more than ever, healthcare providers must take proactive steps to safeguard PHI. Beyond protecting patient privacy, doing so establishes trust and leads to better patient outcomes.