The medical equipment organization NuLife Med LLC based in Manchester, NH, has just announced that it encountered a cyberattack in March 2022. It discovered suspicious network activity on or approximately March 11, 2022, and took steps immediately to stop further unauthorized system access. The company launched an investigation to figure out the nature and extent of the attack and to help in restoring its network and systems. The investigation confirmed that unauthorized persons acquired access to its network between March 9 and March 11, 2022, and possibly viewed and stole files from its systems.
It wasn’t possible to know which files were viewed or stolen from its systems, nor the specific quantity of files that were accessed or extracted. NuLife Med sent notification letters to all individuals likely affected. The assessment of the files showed they primarily comprised protected health information (PHI) for instance names, addresses, clinical data, and/or medical insurance data. The Social Security numbers, driver’s license details, and/or financial account or credit card details of a few people were also exposed.
NuLife Med stated it is right now looking at records to attempt to discover which persons had details beyond healthcare and/or health insurance data affected, and more notifications will be sent to those people when the breach investigation is done. NuLife mentioned it has not received any report until now that indicates the misuse of any patient information.
The data breach report has been submitted to the HHS’ Office for Civil Rights indicating that 81,244 persons were impacted.
Ransomware Attack Impacts 28,000 Patients of FPS Medical Center
FPS Medical Center based in Lake Havasu City, AV recently reported it suffered a malware attack that resulted in the encryption of files on its system. The medical center detected the security breach on March 3, 2022, with the following investigation confirming the initial breach of its systems on February 28, 2022. FPS blocked unauthorized access on March 3, 2022.
The medical center launched a forensic investigation to find out whether patient data was viewed or extracted, however, it wasn’t possible to say whether any data files were viewed or copied, though the likelihood of unauthorized access and information theft cannot be eliminated.
The healthcare provider evaluated all files on the sections of the system that were impacted, which finished on April 25, 2022. The files included complete names, addresses, dates of birth, driver’s license details, medical data like treatment and diagnosis data, medical insurance data, and some Social Security numbers.
FPS Medical Center already sent notification letters to the 28,024 patients who had their PHI possibly exposed and it is going over its guidelines and procedures. It will employ extra administrative and technical safety measures to further protect the data in its networks.