@briankrebs At least didn't immediately get betrayed by Medical Group Inc👨⚕️ security breach notification letter I
just got✉️ 📬 🤦 "Ransomware cyber attack" :blob_dizzy_face: Credit monitoring Norton LifeLock offer 1 year meanwhile, SSN, DOB, address, medical info :headdesk: :fire_angry:
According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.
Medicine wholesaler AmerisourceBergen has also come under attack from Lorenz ransomware.
The American biz, currently under investigation by the US Department of Justice for allegedly misplacing "hundreds of thousands" of prescription opioids, confirmed a limited breach of its systems on Friday.
"AmerisourceBergen's internal investigation quickly identified that a subsidiary's IT system was compromised," it said. "We immediately engaged the appropriate teams to limit the intrusion, contained the disruption and took precautionary measures to ensure all systems were and are now clear of any intrusions."
"After extensive review, malware was detected on some of our servers, which a threat actor utilized to access and exfiltrate data," according to a notice posted on Regal's website and filed with the California Attorney General's office.
The medical outfit said it hired third-party incident responders to assist and worked with security vendors to restore access to its systems and determine what data was impacted.
Judging from the filings with various state and federal agencies, the news wasn't good.
Extortionists stole, among other things, from the medical groups: patients' names, social security numbers, addresses, dates of birth, diagnosis and treatment information, laboratory test results, prescription data, radiology reports, health plan member numbers, and phone numbers.
And according to the US Department of Health and Human Services, which is investigating the database breach, it affected 3,300,638 people.
Further reading:1
As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.
This page lists all breaches reported within the last 24 months that are currently under investigation by the Office for Civil Rights.
1 U.S. Department of Health and Human Services Office for Civil Rights — Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information, last updated 3 Feb. 2023, https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf