Quest Diagnostics has notified the SEC about a ransomware attack in August at ReproSource, the company’s fertility clinic.
The ransomware incident resulted in a data breach, revealing roughly 350,000 ReproSource patients’ health and financial information.
According to Quest, ReproSource informed them of a data security issue in which an unauthorized party may have accessed or gained certain patients’ protected health data and personally identifiable information.
An unauthorized user gained access to the ReproSource network on August 8, 2021. On the morning of August 10, ReproSource detected ransomware, shut down all network connections in less than an hour, and controlled the problem.
ReproSource began an investigation right away to establish the cause and severity of the mishap. It enlisted the support of renowned cybersecurity professionals to help with our investigation, which resulted in the ransomware being contained and operations being promptly and safely restored. ReproSource also alerted law enforcement right away.
On September 24, ReproSource began mailing breach notification letters to victims, according to Quest. The victims were informed that names, addresses, dates of birth, email addresses, phone numbers, and billing information were the personal information exposed during the ransomware attack.
During the hack, a lot of health information was also exposed. Quest admitted that driver’s license numbers, passport numbers, Social Security numbers, financial account numbers, and/or credit card numbers were also revealed in the incident.
In the regulatory filing, Quest said that the event at ReproSource had little impact on the parent organization, although it was a ransomware attack. Quest also said it had cybersecurity insurance and didn’t expect the strike to have the same financial impact as other ransomware attacks.
ReproSource is giving victims free credit and identity monitoring services through Kroll, although the company did not specify how long these services would be available.
Healthcare facilities continue to be targeted by ransomware attacks throughout the world, owing to the sensitive information they are required to gather on patients, staff, and visitors. Hundreds of people have been affected this year, and the situation shows no signs of abating.