"Over 30,000 Fertility Clinic Patients Hit by Ransomware Data Breach"
Tens of thousands of Reproductive Biology Associates (RBA) patients have had sensitive personal and medical information stolen in a ransomware attack. Reproductive Biology Associates (RBA) is a US fertility clinic and was the first organization of its kind to offer IVF in the US state of Georgia and is the founding partner of the nationwide fertility clinic network My Egg Bank. In a new breach notification, RBA claimed to have first become aware of the cyber-incident on April 16 this year, when they discovered that a file server containing embryology data had been encrypted. Based on RBA's investigation, they believe the actor first gained access to their system on April 7, 2021 and subsequently to a server containing protected health information on April 10, 2021. On June 7, 2021 access to the encrypted files was regained, and RBA obtained confirmation from the actor that all exposed data was deleted and is no longer in their possession. In total, information of 38,000 patients was exposed in the incident, with full names, addresses, Social Security numbers, lab results, and "information related to the handling of human tissue" potentially impacted. RBA stated it also conducted web searches to check if any of the stolen information was being discussed or traded online and so far had no indication of such activity.
Infosecurity reports: "Over 30,000 Fertility Clinic Patients Hit by Ransomware Data Breach"