- Community Health Center confirms that it suffers a data violation
- The criminals stole confidential information about more than one million people.
- This was not a ransomware attack, says Chc
More than one million people may have stolen their confidential information, after a “skillful hacker” broke into the IT system of the Community Health Center (CHC).
The company presented a new report to the Main Attorney’s Office that said he saw “unusual activity” in his computer systems, on January 2.
“That same day, we brought experts to investigate and reinforce the security of our systems. They discovered that an expert criminal hacker entered our system and took some data, which could include their personal information. “
Without ransomware
The data stolen in this attack include the names of the people, the birth dates, the addresses, the telephone numbers, the emails, the diagnoses, the details of the treatment, the results of the tests, the social security numbers and Health Insurance Information, all of which is more than enough to execute highly personalized Phishing attacks, and perhaps even wire fraud.
CHC is a non -profit medical care provider based in Connecticut headquarters that offers comprehensive primary care, dental, behavioral health and specialties to unattended communities.
However, this does not seem to have been a ransomware attack, since ChC added that the actors did not eliminate or blocked any of the affected data. Therefore, the attack did not affect its daily operations, he added.
“We believe we stopped the access of the criminal hacker in a matter of hours, and that there is no current threat to our systems.”
CHC is now notifying people affected about the violation and supply offer, including free identity theft protection through IDX. In the letter, ChC said IDX will provide 24 months of credit and monitoring of Ciberscan. In addition, the company set aside a $ 1m reimbursement policy and promised to help recover stolen identities.
In recent months, ransomware groups have begun to move away from encrypters and focus solely on data theft. Apparently, it is equally effective in terms of rescue demands, but cheaper and easier to achieve. It seems that in this case, ChC was not yet asked for a rescue.
Through Techcrunch
