Nationwide fertility clinic says hackers may have stolen sensitive information on patients

Patient medical histories and Social Security numbers at risk in the attack, the company, US Fertility, said 

Graig Graziosi
Friday 27 November 2020 21:47
Comments
Cyber-attack: MalwareTech on how he "accidentally" halted the spread of the ransomware

US Fertility, which has 55 clinics across the country, reported that it was victim of a ransomware attack and that the names, addresses and in some cases the private health information and Social Security numbers of patients may have been stolen.

The company issued a statement saying hackers "acquired a limited number of files" in a ransomware attack on 14 September that was fixed six days later.

The company did not say how many patients were affected by the attack. It is unclear why the company waited two months to reveal it was attacked.

"The forensic investigation is now concluded and confirmed that the unauthorized actor acquired a limited number of files during the period of unauthorized access which occurred between August 12 and September 14, when the ransomware was executed," the company said in a statement.

In a ransomware attack, hackers will steal data before locking the victims out of their networks. The hackers then demand a payment of some kind before they will restore the systems. If the ransom is not paid, then the hackers will frequently threaten to publish the data they have stolen.

The company said the attack may have included private health data that could contain patient's medical histories, test results or medical records.

In response to the attack, the company said it has strengthened its firewall and has notified those whose data was at risk.

"We sincerely apologize that this incident occurred and remain committed to safeguarding the privacy and security of the information entrusted to us," the company said in a statement. "We have no evidence of actual misuse of any individual’s information as a result of this incident."

Mark Segal, the Chief Executive Officer of USF, said the company took the breach seriously and was "committed to protecting the security and confidentiality of health information we gather in providing services to individuals."

The company has locations in New York City, Florida, Georgia, Pennsylvania, Illinois, Alabama, Nevada, Missouri, California, North Carolina, Washington and Virginia. 

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in