Medusa Ransomware Group Leaks Data Stolen from American Renal Associates
The Medusa ransomware group has leaked data stolen from American Renal Associates. Moffitt Cancer Center has been affected by a cyberattack on a vendor, and Family Health Center in Michigan and Zuckerberg San Francisco General Hospital have reported the exposure of patient data.
American Renal Associates
American Renal Associates (ARA), one of the largest providers of dialysis services in the United States and a provider of care for patients suffering from end-stage renal disease has experienced a Medusa ransomware attack. The ransomware attack has yet to be announced by ARA, but the Medusa ransomware group has leaked data allegedly stolen in the attack. The attack occurred on March 2, 2024, and affected hundreds of computers.
According to an analysis of the leaked data by Marco A. De Felice, around 5TB of data was stolen by the Medusa group including the protected health information of an estimated 37,700 patients. The leaked data includes patient names, dates of birth, phone numbers, email addresses, medical records, Social Security numbers, copies of passports and driver’s licenses, health insurance information, and company data.
Moffitt Cancer Center
Moffitt Cancer Center in Florida has announced that it has been affected by a security incident at one of its vendors. The law firm, Gunster, Yoakley, and Stewart, was provided with patient data in connection with legal services provided to Moffitt Cancer Center. Hackers gained access to the law firm’s network and may have obtained data such as names, dates of birth, Social Security numbers, driver’s license numbers, passport numbers, other government-issued identification numbers, financial account information, and medical information, including medical records numbers, health insurance benefit information, claims data, and diagnosis and treatment information.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The law firm started notifying affected individuals in April 2023; however, as the investigation progressed, it became clear that other individuals had been affected. Further notification letters were mailed in the following months, with Moffitt Cancer Center patients notified in April 2024. It is currently unclear how many Moffitt Cancer Center patients have been affected.
Family Health Center
Family Health Center in Kalamazoo, MI, has announced that it fell victim to a cyberattack that caused network disruption and impacted the functionality and access of certain systems. Prompt action was taken to contain the attack and prevent further unauthorized access on January 25, 2024, when the breach was detected and a third-party cybersecurity firm was engaged to conduct a forensic investigation.
The investigation uncovered evidence of unauthorized access to files that contained patient information. The review of those files confirmed that they contained employee information such as names, addresses, health insurance information, and Social Security numbers, and patient information such as first names, last names, and medical information. Family Health Center has reported the breach to the HHS’ Office for Civil Rights as affecting 3,240 individuals and said it has taken steps to improve security, including expanding multi-factor authentication and increasing monitoring of its network for suspicious activity.
Zuckerberg San Francisco General
Zuckerberg San Francisco General in California has announced that a medical logbook went missing in December 2023 that contained patient information. The logbook contained patient data from January 11, 2022, to December 12, 2023, including names, dates of birth, genders, medical record numbers, visit dates, dates of specimen collection, reason for specimen collection, whether a result was received, and other types of health information.
At the time of the announcement, no reports had been received to indicate any misuse of patient data. Zuckerberg San Francisco Hospital is reviewing its policies and procedures and is providing additional security awareness training to employees. The incident has been reported to the HHS’ Office for Civil Rights as affecting 755 individuals.