The digital pharmacy and health app developer Ravkoo based in Auburndale, FL has started sending notification letters to a number of patients regarding an unauthorized individual who viewed and potentially stole some of their sensitive personal information.
Ravkoo uses Amazon Web Services (AWS) for hosting its online prescription portal. The website had a cyberattack that was discovered on September 27, 2021. Upon finding of the security breach, Ravkoo took immediate steps to secure the site and engaged third-party cybersecurity specialists to help in the forensic investigation, mitigation, restoration, and remediation work.
The investigation affirmed the exposure of sensitive patient data, including names, phone numbers, addresses, selected prescription data, and limited medical information. Ravkoo stated the impacted site did not have any Social Security numbers, which are not kept in the breached portal. The forensic investigation found no evidence that indicated the misuse of data contained within the portal.
Ravkoo already submitted the cyberattack report to the Federal Bureau of Investigation (FBI) and is assisting with the inquiry. Ravkoo additionally has employed forensics professionals to evaluate the security of its AWS environment. Steps are now being done to enhance security to avoid other data breaches later on.
The data breach report has been sent to the Department of Health and Human Services’ Office for Civil Rights indicating that around 105,000 people were affected. Affected persons are being provided complimentary membership to Kroll’s online credit monitoring service as a safety measure, which comes with access to resolution services in case of identity theft.
The Intercept’s Micah Lee mentioned in a September 28, 2021 tweet that a hacker had professed responsibility for the attack on Ravkoo and stated the pharmacy website was easy to hack and required the use of a hidden admin website that any user is able to log in to and access patient information.