IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Georgia fertility clinic breach exposes sensitive patient info

Around 38,000 patients data at risk

A fertility clinic based in Georgia has admitted hackers stole data holding sensitive patient information during a ransomware attack.

In a statement to patients, Reproductive Biology Associates, LLC, (RBA) said the breach affected about 38,000 patients. The clinic said it became aware of a potential data incident in mid-April when it discovered a file server holding embryology data was encrypted and inaccessible.

“We quickly determined that this was the result of a ransomware attack and shut down the affected server, thus terminating the actor’s access, within the same business day,” the statement read.

Further investigations found that hackers accessed its systems on April 7 and then a server containing protected health information on April 10. On June 7, the organization determined whose personal information was affected.

While the organization did not say if it paid a ransom, it said in the notification that it was communicating with the hackers, it managed to regain access to files. and confirmed with whoever accessed its systems that all exposed data was deleted and is no longer in its possession. 

During the investigation, the organization determined the data stolen in the ransomware attack included patients’ full names, addresses, Social Security numbers, laboratory results, and information relating to the handling of human tissue.

The RBA has engaged with a professional IT services firm to conduct interviews and analyze forensic data related to the incident. It is also offering affected individuals free identity monitoring services. 

Jamie Akhtar, CEO and co-founder of CyberSmart, told ITPro there is a growing trend with ransomware attacks to not solely encrypt data but also steal it and threaten to release it if the victim doesn’t pay the ransom. This double-extortion attack places further pressure on the victim to pay up. 

“In this case, it seems RBA has paid the ransom and received confirmation from the cybercriminals that all exposed data has been deleted. However, we cannot take their word for it. RBA has done well to set up monitoring measures to detect any misuse of exposed data, but customers should also remain vigilant, particularly to spear-phishing attacks which can open a new, fresh pipeline of cybercrime for the involved parties,” he said.

Javvad Malik, a security awareness advocate at KnowBe4, told ITPro it's essential that all organizations take the threat of cyber attacks seriously and put in place layers of security to help protect, detect, and respond to any threats in a timely manner. These should be a mix of technical, procedural, and human controls to maximize the chances of preventing an incident. 

“Organizations such as fertility clinics may consider themselves as lower risk than, say, hospitals, but the truth is that they have just as much sensitive personal information that is of value to criminals and can disrupt daily operations,” Malik said.

“Once data has been accessed by criminals, even if an organization can restore from backup or pay a ransom, there is no limitation of what the criminals can do with the stolen data. This can include selling the data on to other criminals or using the data themselves to attack unsuspecting victims."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Ransomware now strikes one in 40 organisations per week, Check Point finds
ransomware

Ransomware now strikes one in 40 organisations per week, Check Point finds

27 Jul 2022
What is zero trust?
network security

What is zero trust?

14 Jul 2022
Retbleed hardware-level flaw brings overhead woe to Intel and AMD
Hardware

Retbleed hardware-level flaw brings overhead woe to Intel and AMD

13 Jul 2022
An analysis of the European cyber threat landscape
Whitepaper

An analysis of the European cyber threat landscape

8 Jul 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022