"CaptureRx Data Breach Impacts Healthcare Providers"

At least three American healthcare providers have suffered a data breach after a cyber-attack on an administrative services company in Texas.  CaptureRx, which is based in San Antonio, fell victim to a ransomware attack on February 6. On February 19, an investigation into the attack determined that certain files had been accessed without authorization.  Cybercriminals exfiltrated files containing the personal health information (PHI) of more than 24,000 individuals during the attack.  CaptureRx serves the Mohawk Valley Health System affiliate Faxton St. Luke’s Healthcare in New York, Thrifty Drug Stores (Thrifty White), and Gifford Health Care of Randolph, Vermont, among others.  A review of the attack, completed on March 19, determined that the security breach impacted 17,655 patients of Faxton St. Luke's Healthcare and a further 6,777 patients at Gifford Health Care. The number of Thrifty Drug Store patients affected by the attack has not yet been determined.  CaptureRx is currently unclear how many of its healthcare provider clients have been affected by the attack. Nor has the company finished its final tally of how many individuals had their PHI exposed because of the incident.  Data exposed and stolen by the ransomware attackers included names, dates of birth, prescription information, and, for a limited number of patients, medical record numbers.

Infosecurity reports: "CaptureRx Data Breach Impacts Healthcare Providers"