Another healthcare organisation in the US has fallen victim to a major cyber attack, with almost 2.5 million people affected.
Texas-based WebTPA released a data security incident notification on its website announcing that late last year, it detected suspicious activity and has since determined a threat actor gained access to its systems.
“On December 28, 2023, we detected evidence of suspicious activity on the WebTPA network that prompted us to launch an investigation,” WebTPA said.
“Upon detecting the incident, we promptly initiated measures to mitigate the threat and further secure our network. We also launched an investigation with the support of industry-leading third-party cyber security experts and notified federal law enforcement.”
WebTPA said that a threat actor may have accessed information dated from 18 April to 23 April 2023, including names, contact information, dates of birth, dates of death, Social Security numbers and insurance information.
“Not every data element was present for every individual,” the company added.
While WebTPA did not disclose how many individuals were affected in the breach, a report submitted to the US Department of Health and Human Services on 8 May said that 2,429,175 people were affected.
It also revealed that the incident was a “hacking/IT incident” on a company network server.
News of the WebTPA incident closely follows a number of major US healthcare cyber attacks, most recently on Ascension healthcare, one of the largest private healthcare systems in the US.
Prior to that, UnitedHealth’s Change Healthcare was hacked in February, with state-sponsored hackers initially blamed.
ALPHV was paid a ransom of US$22 million, which it then pocketed without paying the affiliate behind the attack, claiming it had been taken down by the FBI as an exit strategy. Despite an angry back and forth, the affiliate, Notchy, was never paid, and thus Change Healthcare’s systems were not restored, and stolen data was not deleted.
RansomHub then claimed to have the Change Healthcare data and demanded that the organisation pay them a ransom.
After Change Healthcare did not pay a ransom a second time, RansomHub listed its data for sale. It was later discovered that the threat actors gained access to the company’s systems by using compromised credentials to access a company Citrix portal.
UnitedHealth chief executive Andrew Witty said that a “substantial proportion” of Americans were affected by the attack, only to later reveal that the number was “close to a third” of all Americans.
Witty also took responsibility for paying the US$22 million ransom.