A healthcare provider from Pennsylvania issued a ransomware alert after 9 months and confirmed that the hackers accessed personal data from its servers and might misuse it anytime. The reason for the delay in informing the affected people is yet to be revealed, but sources state that the identification, analysis, recovery and mitigation took most of the time and made the non-profit organization make the incident public on January 10th,2023.
Going deep into the details, Maternal & Family Health Services aka MFHS in short, released a press statement, last weekend that a ransomware gang compromised its servers in April 4th of last year and admitted that the malware attack could have taken place in August 8th, 2021 or even before.
Although MFHS did not mention the exact number of affected residents, estimates are in that 461070 people, including 68 residents from Maine, patient info, employee info and vendors details were accessed by hackers in the attack.
Unidentified people familiar with the matter say that details such as names, addresses DOBs, driver license numbers, social security numbers, health insurance details, medical history, and financial info such as credit and debit card details were accessed by hackers
Info on who was behind the ransomware attack, whether the US Family planning NFP organization paid any ransom to recover data is yet to be illustrated.
NOTE- Ransomware spreading gangs has a penchant for healthcare related data as it offers great value when sold on the dark web.