Clinical Review Vendor Reports Data Breach

Security

A cyber-attack on the Medical Review Institute of America (MRIoA) may have exposed the personal data of 134,571 individuals.

MRIoA, which is based in Salt Lake City, Utah, said it was “the victim of a sophisticated cyber incident” discovered on November 9, 2021, that resulted in a threat actor’s gaining unauthorized access to its network and exfiltrating data.

MRIoA, which provides clinical reviews and virtual medical opinions, said attackers broke into its computer system by exploiting an alleged vulnerability in a product made by SonicWall. 

Information affected by the incident may have included first and last name, gender, home address, phone number, email address, date of birth and Social Security number; clinical information, such as medical history/diagnosis/treatment, dates of service, lab test results, prescription information, provider name, and medical account number; and financial information, including health insurance policy and group plan number, group plan provider, and claim information.

In a breach report filed with the Maine attorney general, MRIoA stated that it had “retrieved and subsequently confirmed the deletion” of the information exfiltrated in the attack.

A list of 31 MRIoA clients whose were affected by the cyber-attack was included in the breach report. 

Featured on the list are Horizon Blue Cross Blue Shield of New Jersey, five different branches of Blue Cross and Blue Shield, and the University of Arkansas Medical Benefit Plan.

MRIoA said it is taking steps to beef up its cybersecurity posture. Improvements include constant monitoring of its systems with advanced threat hunting and detection software, and the addition of extra authentication protections to protect system access.

In the wake of the attack, MRIoA said it had new servers “built from the ground up to ensure all threat remnants were removed.”

In a comment issued on Wednesday to ISMG, SonicWall stated: “It is SonicWall’s understanding that the product issue referred to is related to a known vulnerability that was reported and patched by SonicWall.”

The firewall maker confirmed that an intruder had accessed MRIoA’s environment through a SonicWall vulnerability on November 2, 2021.

“That has since been resolved and MRIoA’s environment has been secured,” stated a SonicWall spokesperson.

Products You May Like

Articles You May Like

US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime
British Hacker Charged in the US For $3.75m Insider Trading Scheme
New MedusaLocker Ransomware Variant Deployed by Threat Actor
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Leave a Reply

Your email address will not be published. Required fields are marked *