Illinois fertility clinic and online pharmacy giant Ravkoo are reporting data breaches

Illinois fertility clinic and online pharmacy giant Ravkoo are reporting

The online pharmacy company Ravkoo and Fertility Centers of Illinois (FCI) have both alerted thousands of past and present patients of a data breach that contained pieces of information they are aware.

The Iris HIPAA 79,943 current and former patients were sent breach notification letters containing passport numbers, Social Security numbers, financial account information, payment card information, handling information, doctors, billing information / medical claims, drug / medication information and Medicare / Medicaid indication information released.

The breach also included much more patient information related to treatment and health insurance as well as some staff information.

FCI said it had "become aware of suspicious activity on its internal systems" on February 1 and concluded that patient information was in place by August. told victims but said in the announcement that they offer a year of free credit check and identity theft protection services.

FCI was not the only health care center dealing with fractures. Ravkoo internet pharmacy service also notified customers of a data breach that contained their information.

In a letter sent to New Hampshire Attorney General Gordon McDonald, Florida-based Ravkoo said hackers had tried to crack down on their AWS hosting cloud command portal. entered on 27 September.

After hiring a cybersecurity company, CEO Alpesh Patel said the company was notified on Oct. 27 that names, postal addresses, phone numbers, prescriptions and medical information had been released.

Breach notification letters were issued Jan. 3, and the FBI was notified, according to a Ravkoo website notification. Victims of Kroll Information Assurance are offered one year of free online identity verification service.

READ  The Trouble with 'Encanto'? It's too hard to be popular

In September, the hacker behind the attack on Ravkoo said infosec director The Intercept Micah Lee that Ravkoo was "incredibly easy" to slow down and had access to the hundreds of thousands of prescriptions filed by the company from 2022.

According to the hacker The Intercept, the Ravkoo site had "a hidden admin panel that all users can log in and see all the data."

Multiple fertility clinics reported data breaches in 2022, including ReproSource owned by Georgia-based Quest and Reproductive Biology Associates, as well as the North Egg North American affiliate My Egg Bank.

Jake Williams, CTO at BreachQuest, explained that it is not uncommon for medical organizations to store patient data outside of their electronic health record system and said that this is likely to be the case with FCI.

Theft of admin and other high-profile accounts gives hackers access to extensive data and is often a single point of failure, according to nVisium's Ben Pick.

Related Posts

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Subir

We use cookies to ensure that we give the best user experience on our website. If you continue to use this site we will assume that you agree. More information