185K people's sensitive data in the pits after ransomware raid on Cherry Health
theregister.co.ukRansomware strikes at yet another US healthcare organization led to the theft of sensitive data belonging to just shy of 185,000 people.
Michigan-based Cherry Health reported a data breach to regulators on Wednesday caused by a ransomware attack back in December 2023.
The health center, which operates across six counties within the state, also revealed the scale of the sensitive data stolen by the group. In addition to names, email and home addresses, phone numbers, and dates of birth, data that could be used to increase the perceived legitimacy of a phishing campaign was also gathered:
-
Health insurance information
-
Health insurance ID number
-
Patient ID number
-
Provider name
-
Service date
-
Diagnosis/treatment information
-
Prescription information
-
Financial account information and/or social security numbers
All of these data points were mentioned in a template notification letter [PDF] prepared for bulk distribution. However, Cherry Health's report to the Office of ...
Copyright of this story solely belongs to theregister.co.uk . To see the full text click HERE