Medical Review Institute of America Breach Affects Hundreds
Table of Contents
- By Steven
- Published: Oct 11, 2022
- Last Updated: Oct 11, 2022
The Medical Review Institute of America (MRIoA) has over 800 clients worldwide. MRIoA is a service that “delivers technology-enabled review services that increase member satisfaction.” Sources say that the breach affected all of the institute’s customers.
How Did the Attack Occur?
The investigation into the methodology of the attack is ongoing. We aren’t exactly sure what happened to cause the breach, but we know that MRIoA immediately stopped the violation. It gathered the affected information and claimed that the hackers deleted all of the data from their network. This would insinuate that the company paid some sort of ransom, resulting in the recovery and deletion of the stolen data.
What Information Was Viewed or Stolen?
The stolen information includes the following:
- Birthdays
- Insurance information
- Phone numbers
- Gender
- Lab tests and results
- Physical addresses
- Emails
- Bank information
- Social security numbers
- Medical history and other data, including conditions, prescriptions, and diagnoses
- Account numbers
Many patients are now fearing the worst. With the amount of information the hacker had access to, there is practically no limit to what they could do with the data if they didn’t delete it as promised.
How Did MRIoA Admit to the Breach?
“The security and privacy of the information contained within our systems is a top priority for us, and we were shocked and dismayed to learn that we were one of the thousands of victims of this type of cyberattack,” said the CEO, Ron Sullivan. “We are fully committed to protecting the information on our systems and sincerely regret the inconvenience and worry caused by this incident. We thank the community, our employees, and partners for their support during this event.” Sullivan released the statement the same day the Medical Review Institute of America retrieved the compromised data.
What Will Become of the Stolen Information?
Looking at what kind of information the bad actor had access to, almost anything can come from it. They could sell it or use it for their own gain. They could collect the paychecks or 401Ks of the affected individuals, use their names and SSNs to open accounts or leases under the victim's name, or use the credit/debit card information to buy things far beyond the victim's budget. All of this can come back to haunt the target; a missed paycheck or two might be the least of their worries. The attack could ruin their credit scores, empty their bank accounts, and destroy their finances.
What Should Affected Parties Do in the Aftermath of the Breach?
In the aftermath of the breach, you or a loved one can take plenty of steps to protect yourselves. You can download device-searching software that will alert you to things like ransomware or can even let you know when your information is on an unauthorized site or platform. This can allow you to get in touch with the proper authorities to handle the situation and keep you and your family safe.
