Intellihartx Victim of Fortra GoAnywhere Hack: 490,000 Individuals Affected

Posted by Steve Alder

The Tennessee-based payment and collections service provider, Intellihartx, has recently confirmed that the personal and health information of 489,830 individuals was stolen in a recent hacking and extortion attack. In late January and early February 2023, the Clop ransomware group exploited a zero-day vulnerability in Fortra’s GoAnywhere MFT to gain access to the data of approximately 130 companies. While Clop often uses ransomware to encrypt files, these attacks only involved data theft and extortion, with demands for payment issued to prevent the public release of the stolen data.

Intellihartx learned that it had been affected on February 2, 2023, and launched an investigation to determine the scope of the breach. Preliminary results were obtained on March 24 that indicated sensitive data had potentially been stolen, and data owners started to be notified on April 11, 2023. The comprehensive review of the affected files confirmed on May 10, 2023, that protected health information had been compromised. The review was completed on May 19, 2023.

Intellihartx’s analysis of the files exfiltrated by Clop confirmed they contained information such as patient names, addresses, dates of birth, Social Security numbers, diagnoses, medications, insurance information, and billing information. Intellihartx said it rebuilt the file transfer platform and incorporated additional security measures to prevent similar breaches in the future and has now notified affected individuals and offered them complimentary access to credit monitoring services.

Cyberattack Impacts Petaluma Health Center Patients

Petaluma Health Center in California has sent notifications to current and former patients alerting them to the potential theft of some of their protected health information. A network security incident was detected and promptly blocked on March 14, 2023, and while the forensic investigation found no evidence to indicate theft and misuse of patient data, data theft could not be ruled out.

The files potentially accessed in the attack included first names, last names, addresses, dates of birth, Social Security numbers, medical information, and health information, with the affected data varying from individual to individual. Security has been enhanced to prevent similar breaches in the future and affected individuals have been offered complimentary single-bureau credit monitoring services.

It is currently unclear how many individuals have been affected.

North Shore Medical Labs Notifies Patients About Cyberattack and Data Theft Incident

The Williston Park, NY-based clinical reference laboratory, North Shore Medical Labs, has started notifying individuals that some of their protected health information was exposed in a data security incident detected on March 29, 2023. The investigation revealed on May 12, 2023, that files were potentially accessed and stolen that contained names, birth dates, and medical laboratory information.

A malicious actor first gained access to its systems on December 22, 2022, and access was blocked on March 31, 2023. The forensic investigation confirmed that files were exfiltrated from its systems between March 17 and March 31. North Shore Medical Labs said it is unaware of any misuse of patient data as a result of the incident. Data protection policies and training protocols have been reviewed and security measures and monitoring tools enhanced to mitigate any risk associated with the incident and to prevent further security incidents in the future.

The breach was reported to the HHS’ Office for Civil Rights as affecting 500 individuals – a placeholder often used to meet reporting requirements until the full extent of the breach is known.

The post Intellihartx Victim of Fortra GoAnywhere Hack: 490,000 Individuals Affected appeared first on HIPAA Journal.