Pennsylvania-based nonprofit health provider Maternal & Family Health Services has confirmed cybercriminals accessed the sensitive data of close to half a million people.
MFHS revealed last week that it had been hit by ransomware that exposed the personal data of current and former patients, employees and vendors. The healthcare giant said it was made aware of the incident on April 4, 2022 but admitted that may have been initially compromised as far back as August 21, 2021.
When asked by TechCrunch at the time, MFHS declined to confirm how many individuals were affected. However, a notification from the Maine attorney general’s office this week reported that a total of 461,070 people, including 68 Maine residents, are affected by the breach.
In a letter sent to affected residents on January 10 — more than nine months after the organization was first alerted to the ransomware incident — MFHS said that attackers accessed sensitive data, including names, addresses, date of birth, driver license numbers, Social Security numbers, usernames and passwords, health insurance and medical information, and financial information. The attackers also took credit and debit card numbers, the notification said.
It remains unclear who was behind the ransomware attack, if MFHS paid a ransom demand and why the nonprofit didn’t disclose the incident sooner. MFHS didn’t immediately respond to TechCrunch’s questions on Wednesday, and it doesn’t appear that any major ransomware group has yet claimed responsibility for the incident.
https://techcrunch.com/
Cloud computing giant Rackspace has confirmed hackers accessed customer data during last month’s ransomware attack. The attack, which Rackspace first confirmed on December 6, impacted the company’s hosted Exchange email environment, forcing the web giant to shut down the hosted email service following the incident. At the time, Rackspace said it was unaware “what, if […]
ate on Friday, Twitter announced a new policy that will remove text message two-factor authentication (2FA) from any account that won’t pay for it. In a blog post, Twitter said that it will only allow accounts that subscribe to its premium Twitter Blue feature to use text message-based 2FA. Twitter users that don’t switch to a different […]
In a financial filing on Thursday, T-Mobile revealed that a hacker accessed a trove of personal data belonging to 37 million customers. The telecom giant said that the “bad actor” started stealing the data, which includes “name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of […]
Leave a Reply