Data Breach at Intellihartx Informs 490k Patients of GoAnywhere-Related Data Breach
Online attacks, especially data breaches, have become more frequent in recent years. The healthcare industry, in particular, has struggled to keep sensitive patient information secure. In the latest incident, Intellihartx – a company providing patient balance resolution services to hospitals – has informed 490,000 individuals that their personal information was compromised in the GoAnywhere zero-day attack earlier this year.
Details of the Data Breach
The GoAnywhere cyber attack was a zero-day vulnerability in Fortra’s managed file transfer (MFT) software, leading to remote code execution that was exploited starting January 28. A patch was released one week after public disclosure, with Fortra publishing the conclusion of its investigation in April. Intellihartx concluded its review of data following the attack and identified the affected individuals. According to the company’s website, the compromised data includes names, addresses, insurance data and medical billing, diagnosis and medication information, birth dates, and Social Security numbers. The company claims it is unaware of the data being misused, but the Cl0p gang responsible for the attack has made the data available on its leak site.
Impact of the Data Breach
The GoAnywhere-related data breach has impacted several major organizations, including Community Health Systems, Rubrik, Hitachi Energy, Crown Resorts, the City of Toronto, Saks Fifth Avenue, Pluralsight, PPF, P&G, Atos, and Rio Tinto. Moreover, the Cl0p cybergang has claimed responsibility for the recent MOVEit Transfer MFT zero-day attack, which affected several major organizations, including Aer Lingus, British Airways, the BBC, Zellis, and the Canadian province of Nova Scotia.
Editorial and Advice
Data breaches have become a nightmare scenario for many companies, and healthcare entities are particularly vulnerable because of the sensitive patient information they hold. Since the start of 2021, more than 250 million healthcare records have been compromised, as per HIPAA Journal. This incident highlights the need for healthcare organizations to proactively invest in cybersecurity measures to prevent such attacks in the future. The need of the hour is to strengthen the data security policies of such companies and organizations that handle sensitive personal information. It is crucial to properly encrypt patient data and secure it by employing multiple security protocols and measures. Additionally, companies should conduct regular data audits and invest in cybersecurity training for their employees to ensure data protection policies are followed consistently.
Conclusion
Intellihartx‘s data breach should be a wake-up call for all healthcare companies. The increasing frequency of cyber attacks emphasizes the need to be proactive and implement robust data security protocols. With the healthcare industry moving towards digitizing processes, it is vital to secure patient information from unauthorized access, providing peace of mind to individuals to avert the possibility of identity theft or even medical errors. It is high time healthcare organizations take cybersecurity measures seriously and prevent data breaches before they happen, rather than responding after the fact.
<< photo by Petter Lagson >>
You might want to read !
- “Honda’s E-Commerce Platform Exposes Dealers’ Data to Risky Hackers”
- Why SQL injection vulnerabilities in file transfer systems are more critical than you think.
- The C10P Gang’s Silence on MOVEit Flaw Could Be Disastrous for Enterprises
- Examining Connections Between Ransomware Group and MOVEit Zero-Day, Founding Timing Suspect
- The Rise of Global Supply-Chain Cyberattacks: BBC, British Airways, Novia Scotia Among First Big-Name Victims
- Inside the CL0P ransomware attacks: Key technical details revealed by US cyber officials