Ransomware Attacks Affect Patients of Community Access Unlimited and CareSouth Carolina

13,813 Individuals Affected by Community Access Unlimited Ransomware Attack

Community Access Unlimited based in Elizabeth, NJ has begun sending notifications to 13,813 individuals that their PHI was saved on systems that had been accessed by unauthorized people.

On November 10, 2020, Community Access Unlimited recognized suspicious activity in its internal systems. The provider immediately took down its systems, and third-party forensics experts were engaged to find out the nature and scope of the breach.

The investigation confirmed that unauthorized people accessed its systems from June 29, 2020 to November 12, 2020, however, it was not possible to find out whether the attackers viewed or exfiltrated any patient information.

An analysis of the exposed systems revealed the following data may probably have been accessed or copied: Names, dates of birth, state identification card numbers,
driver’s license numbers, non-resident identification numbers, health data, medical insurance beneficiary numbers, and usernames and passwords.

Policies and procedures have since been analyzed and made better to lessen the potential for other attacks. Impacted persons were already alerted and complimentary credit monitoring and identity restoration services were provided to possibly impacted persons.

76,035 CareSouth Carolina Patients Affected by Ransomware Attack

CareSouth Carolina based in Hartsville, SC has informed 76,035 patients regarding the potential compromise of some of their protected health information (PHI) in a ransomware attack on Netgain Technologies, its IT vendor.

Netgain informed CareSouth Carolina on January 14, 2021 that the company had suffered a ransomware attack in December 2020, and the hackers got access to its servers that contain patient records from late November, part of which was exfiltrated prior to the deployment of ransomware.

On April 13, 2021, Netgain furnished CareSouth Carolina a copy of the information that was likely breached. CareSouth Carolina carried out an evaluation of the information and on April 27, 2021 stated that the dataset comprised patient names, address, date of birth, diagnosis/medical conditions, lab test results, medicines, and other clinical details. For some patients, Social Security numbers were also involved.

The threat actors sent Netgain a ransom demand and threatened to sell the stolen records if no payment was made. Netgain made the decision to give the ransom payment and acquired assurances that the stolen files were deleted and were not further shared.

Since the data breach, Netgain and CareSouth have implemented extra security steps to avoid any repeat attacks, and CareSouth is providing affected patients zero-cost identity theft protection services.