Cyber-Attack on Fertility Centers of Illinois

A organization that operates numerous fertility centers across Northern Illinois has endured a data breach because of a cyber-attack.

Fertility Facilities of Illinois (FCI) reported the knowledge breach to the Section of Wellness and Human Services’ Place of work for Civil Legal rights (OCR) as affecting 79,943 latest and previous people.

The unidentified attacker experienced obtain to some of the patients’ secured wellness information and facts (PHI) and was also ready to accessibility private data belonging to FCI employees.

3rd-party laptop forensic experts were employed by FCI just after the enterprise detected suspicious network activity on February 1, 2021. 

Whilst cybersecurity actions applied by FCI ensured that the company’s electronic clinical file process could not be accessed, the attacker was ready to get into administrative files and folders. 

FCI reviewed the contents of the compromised data files and by August 27, 2021, determined that they contained a selection of client data like names in blend with just one or much more of the subsequent types of information: Social Security figures, passport numbers, fiscal account information, payment card information, diagnoses, treatment method details, clinical history figures, billing/promises details, prescription information, Medicare/Medicaid identification information and facts, wellbeing coverage group numbers, health and fitness coverage subscriber numbers, patient account numbers, come upon numbers, referring doctors, usernames and passwords with PINs, or account login facts.

Staff data most likely compromised in the cyber-attack integrated names, employer-assigned identification figures, unwell-overall health/retirement information, occupational health and fitness-similar info, health-related benefits and entitlements info, patkeys/reason for absence, and illness certificates.

Considering the fact that the attack occurred, FCI has designed improvements to its cybersecurity posture, which incorporate implementing company-course identification verification application and giving added training to its workforce on cybersecurity tactics.

Knowledge breach notifications have been mailed out to all affected individuals. FCI is offering victims complimentary credit checking and id theft safety expert services for 12 months as a result of Equifax.

Information of the FCI attack follows the theft of knowledge from America’s biggest fertility clinic operator, US Fertility, in September 2020. In November 2021, a fertility clinic in the United Kingdom also turned the target of cyber-criminals when ransomware was made use of to attack a health-related document scanning corporation made use of by Lister Fertility Clinic.

Some parts of this posting are sourced from:
www.infosecurity-magazine.com