Following a ransomware attack on the administrative services company, CaptureRx, at least three US healthcare providers suffered a data breach. The attach occurred on February 6, and an investigation was launched almost two weeks later, discovering that several files had been accessed by an unauthorised user. The personal health information (PHI) of more than 24,000 individuals was exfiltrated. Under the providers affected were Faxton St. Luke’s Healthcare, Thrifty Drug Stores and Gifford Health Care.
The breach affected 17,655 patients of Faxton St. Luke’s Healthcare, while 6,777 patients’ data at Gifford Health Care was accessed. Unfortunately, the number of patients of Thrifty Drug Store, whose data was stolen, remains unknown.