320,000 Patients Affected by Ransomware Attack on Onix Group
The Pennsylvania-based business administration service provider, Onix Group, was the victim of a ransomware attack on March 27, 2023. When the incident was detected, its network was immediately taken offline to prevent any further unauthorized access; however, the attackers were able to encrypt files on certain systems. The forensic investigation confirmed that access to its systems was gained 7 days before ransomware was deployed and files were encrypted, and during those 7 days the cyber actors exfiltrated files containing sensitive data.
The review of the files confirmed they contained the data of patients of healthcare clients Addiction Recovery Systems, Cadia Healthcare, Physician’s Mobile X-Ray, and Onix Hospitality Group. The protected health information in the stolen files varied from individual to individual and may have included names, Social Security numbers, dates of birth, and scheduling, billing, and clinical information. Some of the files contained client information that was stored for HR purposes, including employees’ names, Social Security numbers, direct deposit information, and health plan enrollment information.
Complimentary credit monitoring and identity theft protection services have been offered to affected individuals. The breach was reported to the HHS’ Office for Civil Rights as affecting up to 319,500 individuals.
Ascension Says Breach at Vendor Exposed Patient Data
Ascension has recently started notifying 148,606 patients about a security breach at the third-party vendor, Vertex, which was used to manage its legacy websites, two of which – Seton.net and DellChildren’s.net – were breached on March 1 and 2, 2023.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Vertex engaged a forensic investigator to determine the nature and scope of the breach. The investigation is ongoing but, at this stage, it does not appear that any patient data was stolen. If data theft did occur, the information at risk includes names, addresses, Social Security numbers, credit card numbers, and insurance information. Affected individuals have been offered complimentary credit monitoring and identity theft protection services as a precaution.
Ascension has confirmed that the websites have been replaced by new websites which Ascension hosts. The breach has been reported to the HHS’ Office for Civil Rights as affecting 17,191 Ascension Seton and 1,415 Ascension Providence patients.
Daixin Team Attempts Extortion of Columbus Regional Healthcare System
The ransomware and extortion group, Daixin Team, has claimed responsibility for a ransomware attack on the non-profit Indiana health system, Columbus Regional Healthcare System, and claims to have exfiltrated 70 gigabytes of data from the 154-bed hospital. The group says it initially demanded payment of $2 million but after negotiating with the hospital or a third party, reduced the demand to $1 million; however, negotiations appear to have broken down.
Columbus Regional Healthcare System has yet to confirm the attack and it is currently unclear to what extent patient data is involved. Daixin Team is expected to start releasing the stolen data in the next few days if ransom negotiations do not resume.
