Clinical Review Vendor Reports Data Breach


A cyber-attack on the Medical Review Institute of America (MRIoA) may have exposed the personal data of 134,571 individuals.

MRIoA, which is based in Salt Lake City, Utah, said it was “the victim of a sophisticated cyber incident” discovered on November 9, 2021, that resulted in a threat actor’s gaining unauthorized access to its network and exfiltrating data.

MRIoA, which provides clinical reviews and virtual medical opinions, said attackers broke into its computer system by exploiting an alleged vulnerability in a product made by SonicWall. 

Information affected by the incident may have included first and last name, gender, home address, phone number, email address, date of birth and Social Security number; clinical information, such as medical history/diagnosis/treatment, dates of service, lab test results, prescription information, provider name, and medical account number; and financial information, including health insurance policy and group plan number, group plan provider, and claim information.

In a breach report filed with the Maine attorney general, MRIoA stated that it had “retrieved and subsequently confirmed the deletion” of the information exfiltrated in the attack.

A list of 31 MRIoA clients whose were affected by the cyber-attack was included in the breach report. 

Featured on the list are Horizon Blue Cross Blue Shield of New Jersey, five different branches of Blue Cross and Blue Shield, and the University of Arkansas Medical Benefit Plan.

MRIoA said it is taking steps to beef up its cybersecurity posture. Improvements include constant monitoring of its systems with advanced threat hunting and detection software, and the addition of extra authentication protections to protect system access.

In the wake of the attack, MRIoA said it had new servers “built from the ground up to ensure all threat remnants were removed.”

In a comment issued on Wednesday to ISMG, SonicWall stated: “It is SonicWall’s understanding that the product issue referred to is related to a known vulnerability that was reported and patched by SonicWall.”

The firewall maker confirmed that an intruder had accessed MRIoA’s environment through a SonicWall vulnerability on November 2, 2021.

“That has since been resolved and MRIoA’s environment has been secured,” stated a SonicWall spokesperson.

Products You May Like

Articles You May Like

How Arid Viper spies on Android users in the Middle East – Week in security with Tony Anscombe
New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

Leave a Reply

Your email address will not be published. Required fields are marked *