Data Leaked in Fertility Clinic Ransomware Attack
Reproductive Biology Associates says the data of 38,000 patients may have been compromised in the April cyberattack.
Reproductive Biology Associates says the data of approximately 38,000 people may have been exposed in an April ransomware attack.
In a letter from the Georgia-based fertility clinic, together with its affiliate My Egg Bank North America, attorney Matthew Maruca said the organization first became aware of a potential incident on April 16 when it discovered that a file server containing embryology data was encrypted and inaccessible.
"We quickly determined that this was the result of a ransomware attack and shut down the affected server, thus terminating the actor's access, within the same business day," he wrote in the letter. "Based on our investigation, we believe the actor first gained access to our system on April 7, 2021 and subsequently to a server containing protected health information on April 10, 2021."
Clinic officials say names, addresses, Social Security numbers, laboratory results, and other sensitive information may have been compromised in the attack.
The letter also states "access to the encrypted files was regained, and we obtained confirmation from the actor that all exposed data was deleted and is no longer in its possession." The letter does not confirm if this happened because the ransom was paid.
The letter with details on the incident can be found here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024