By - BayMark Health Services confirmed suffering a cyberattack in September 2024
- Crooks stole Social Security numbers, driver’s license numbers, and more
- The company did not say how many people were affected
BayMark Health Services, a US healthcare provider which helps people treat and recover from drug abuse and mental health problems, has confirmed suffering a cyberattack and losing sensitive patient data.
In a filing with the Attorney General of California, which includes a letter sent to affected individuals, BayMark said that the attack happened in September 2024, but did not state how many people lost their data:
“On October 11, 2024, we learned of an incident that disrupted the operations of some of our IT systems. We immediately took steps to secure our systems, launched an investigation with the assistance of third-party forensic experts, and notified law enforcement,” the breach notification letter says. “Our investigation determined that an unauthorized party accessed some of the files on BayMark’s systems between September 24, 2024 and October 14, 2024. We then initiated a review and analysis of those files.”
RansomHub
The subsequent investigation, which concluded in early November, determined that the threat actors took people’s Social Security numbers (SSN), driver’s license numbers, dates of birth, the types of services received, the dates of the service, insurance information, treating providers, and treatment/diagnostic data. More than enough for phishing, identity theft, and other forms of cybercrime.
To mitigate the incident, BayMark is offering a year’s worth of Equifax identity monitoring services for free to affected patients.
While the company did not discuss who the attackers were, BleepingComputer uncovered that the RansomHub ransomware gang took responsibility and added BayMark to its data leak site. There, the miscreants said they stole 1.5TB of sensitive data, which they uploaded to the leak site, as well. This would mean that BayMark most likely did not pay the ransom demand.
RansomHub is a relatively young ransomware operation which emerged after the infamous ALPHV group stole $22 million from ChangeHealthcare and disappeared.
Via BleepingComputer
