- BayMark Health Services confirmed it suffered a cyber attack in September 2024
- Scammers have stolen social security numbers, driver’s license numbers, and more.
- The company did not specify how many people were affected
BayMark Health Services, a US healthcare provider that helps people treat and recover from addiction and mental health issues, has confirmed that it suffered a cyberattack and lost sensitive patient data.
In a filing with the California Attorney General, which includes a letter sent to affected individuals, BayMark said the attack occurred in September 2024, but did not say how many people lost their data:
“On October 11, 2024, we learned of an incident that disrupted the operation of some of our IT systems. We immediately took steps to secure our systems, launched an investigation with the assistance of third-party forensic experts, and notified law enforcement,” the breach notification letter states. “Our investigation determined that an unauthorized party accessed certain files on BayMark’s systems between September 24, 2024 and October 14, 2024. We then initiated a review and analysis of these files.”
RansomHub
The subsequent investigation, which concluded in early November, determined that the threat actors took social security numbers (SSN), driver’s license numbers, dates of birth, types of services receipts, dates of services, insurance information, healthcare providers, and treatment/diagnosis data. That’s more than enough for phishing, identity theft, and other forms of cybercrime.
To mitigate the incident, BayMark is offering one year of free Equifax identity monitoring services to affected patients.
Although the company did not specify who the attackers were, BeepComputer discovered that the RansomHub ransomware gang took responsibility and added BayMark to its data leak site. There, the criminals claimed to have stolen 1.5 TB of sensitive data, which they also uploaded to the leak site. This would mean that BayMark likely did not pay the ransom demand.
RansomHub is a relatively young ransomware operation that emerged after the infamous ALPHV group stole $22 million from ChangeHealthcare and disappeared.
Via BeepComputer
