Atrium and Novant Health Get Attacked and Patients Suffer in 2023
Table of Contents
- By Steven
- Sep 22, 2023
Both Atrium Health and Novant Health are health organizations that work with a large number of hospitals offering services. These v work with data from thousands of patients and enable standard hospital practices to occur. Between the two organizations, a huge number of different hospitals and private practices are involved. That's why it's upsetting to learn that both of these organizations were recently breached.
How Did the Attack Occur?
According to reports, the C10P ransomware gang gained access to the medical files available by these companies in May of 2023. During that time, the hackers located a Zero-Day vulnerability in the software and used it to access the organizations' confidential files and health information. The breach occurred between May 28 and 29 and remained until May 31. It wasn't until July 10 that it was confirmed that some patients lost their personal information.
What Information Was Viewed or Stolen?
We don't know a specific list of data taken during Atrium Health and Novant Health breach, but it's likely healthcare information, medical diagnoses, insurance information, full names, home addresses, and much more were exposed. It's also possible for things like Social Security and bank account numbers to be involved. With so many different data points being able to be involved in the breach, you could face serious issues if your information is involved.
How Did Atrium and Novant Health Admit to the Breach?
The two companies didn't put out an official press release about the data breach and instead began talking with media outlets and other concerned individuals about what was occurring. If a significant amount of health and personal information was exposed by the breach, the company must send out personalized letters to the people involved in the breach. The information wouldn't have been known if it wasn't initially found by individual media outlets and hacker journalists.
What Will Become of the Stolen Information?
It's common for the C10P ransomware gang to demand ransoms of its victims. The organization will demand a ransom, and if the money is not paid it will get rid of the information. It's common for attackers to resell stored data. The attackers will not give back the stolen data if they don't receive ransom money. It's possible the data will be spread throughout the internet, which means you could face phishing attacks and other serious problems if your data is involved.
What Should Affected Parties Do in the Aftermath of the Breach?
If this Atrium health data breach hit you, you should take immediate action to prevent your data from being misused. Your information could be leveraged for identity theft and for phishing attacks. Carefully monitor your credit and put a freeze on your credit if you notice any odd changes that would affect your credit. You should immediately start monitoring your credit and contact creditors if you notice any unexplained changes to get these professionals to help you protect yourself.