University of Miami Health and Mott Community College Data Compromised in Ransomware Attacks

Share this article on:

The protected health information of patients of University of Miami Health has been obtained by unauthorized individuals in a ransomware attack on the file transfer service provider Accellion.

University of Miami Health used Accellion’s file transfer technology for sharing files that were too large to send via email. The University of Miami said the Accellion solution was only used by a small number of individuals at the university and prompt action was taken to contain the incident. The university has since stopped using Accellion’s file transfer services.

The investigation into the attack is ongoing and the analysis of the files that were obtained or potentially compromised in the attack has not yet been completed, so it is not yet known exactly how many individuals have been affected.

The University of Miami does not believe any of its systems were compromised in the attack with the breach believed to be limited to files sent or received through Accellion’s file transfer solution.

The gang behind the attack demanded a $10 million ransom for the keys to decrypt data and avoid having data published online or sold on dark web marketplaces. Some of the data stolen in the attack has already been posted on the gang’s leak site, including some data relating to patients of University of Miami Health.

The University of Miami was one of several Accellion customers to be affected by the breach, including the University of Colorado, Kroger, Centene, Arizona Complete Health, and Shell Oil.

1,612 Dental Plan Members Affected by Mott Community College Ransomware Attack

Mott Community College has notified 1,612 individuals that files containing their protected health information were obtained by unauthorized individuals prior to the use of ransomware on its systems.

When the attack was discovered, a third-party cybersecurity firm was engaged to assist with the investigation to determine the extent of the security breach. The analysis revealed attackers gained access to its network on November 27, 2020 and access remained possible until January 9, 2021.

On January 23, 2021 Mott Community College discovered that sensitive data had been exfiltrated by the attackers prior to the use of ransomware, and that some of the files related to individuals covered under its self-insured dental plan. A review of those files confirmed they included names, dates of birth, and dental plan enrollment and claims information for individuals covered by the dental plan in 2014-2015, and 2019.

Notification letters were sent to all individuals affected starting on March 24, 2021. While data exfiltration was confirmed, it does not mean the contents of the files were viewed, misused, or further disclosed. Mott Community College has now implemented additional safeguards and technical security measures to prevent any further attacks, including multifactor authentication for all network and email access and additional password requirements.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On