"Cyberattack on Fertility Centers of Illinois"

A company that operates multiple fertility centers across Northern Illinois has suffered a data breach because of a cyberattack.  Fertility Centers of Illinois (FCI) reported that the data breach affected 79,943 current and former patients.  The unidentified adversary had access to some of the patients’ protected health information (PHI) and could access personal data belonging to FCI employees.  FCI hired third-party computer forensic specialists after the company detected suspicious network activity on February 1, 2021.  Cybersecurity measures implemented by FCI ensured that the company’s electronic medical record system could not be accessed, but the attacker was able to get into administrative files and folders.  By August 27, 2021, FCI reviewed the contents of the compromised files and determined that they contained a range of patient data, including names in combination with one or more of the following types of information: Social Security numbers, passport numbers, financial account information, payment card information, diagnoses, treatment information, medical record numbers, billing/claims information, prescription information, Medicare/Medicaid identification information, health insurance group numbers, health insurance subscriber numbers, patient account numbers, encounter numbers, referring physicians, usernames and passwords with PINs, or account login information.  Employee information potentially compromised in the cyberattack included names, employer-assigned identification numbers, ill-health/retirement information, occupational health-related information, medical benefits and entitlements information, patkeys/reason for absence and sickness certificates.

Infosecurity reports: "Cyberattack on Fertility Centers of Illinois"