- The Community Health Center confirms the suffering of a data violation
- Criminals have stolen sensitive information on more than a million people
- It was not a ransomware attack, claims CHC
More than a million people may have stolen their sensitive information, after a “qualified pirate” has burst into the computer system of the Community Health Center (CHC).
The company has submitted a new report to the Maine Office of the Attorney General who declared that it had identified “an unusual activity” in its computer systems on January 2.
“The same day, we brought experts to investigate and strengthen the security of our systems. They found that a qualified criminal pirate has entered our system and has taken data, which could include your personal information. »»
No ransomware
The data stolen in this attack include people’s names, birth dates, addresses, phone numbers, emails, diagnostics, processing details, test results, social security numbers and Information on health insurance – which is more than sufficient to execute a highly personalized phishing attacks and perhaps even wire fraud.
CHC is a non -profit health care provider based on Connecticut which offers complete primary care, dental, behavioral and specialty services to poorly served communities.
However, this does not seem to have been a ransomware attack, because CHC added that the actors did not delete or lock any of the affected data. Therefore, the attack did not affect its daily operations, he added.
“We believe that we have stopped access to the criminal pirate in a few hours and that there is no current threat to our systems.”
CHC now informs people affected by violation and provides assistance, including free protection for identity theft via IDX. In the letter, CHC said that IDX will provide 24 months of credit and cyber -tan. In addition, the company has put aside a reimbursement policy of $ 1 million and promised to help recover stolen identities.
In recent months, ransomware groups have started to move away from enclosers and focus only on data theft. Apparently, it is just as effective in terms of ransom demand, but cheaper and easier to make. It seems that in this case, the CHC has not yet been asked for a ransom.
Via Techcrunch
