Security News > 2021 > June > Embryology Data Breach Follows Fertility Clinic Ransomware Hit

A fertility clinic serving the Atlanta area has been hit with a ransomware attack that also exposed private health information for 38,000 of its patients.

"We discovered that a file server containing embryology data was encrypted and therefore inaccessible," according to the notice.

That said, RBA also said that it "Obtained confirmation from the actor that all exposed data was deleted and is no longer in its possession." It also did a scan of the Dark Web to see if the data was circulating.

It's unclear which ransomware was involved in the attack, or whether RBA paid the ransom to recover control of its encrypted server and have the stolen data destroyed.

"Organizations such as fertility clinics may consider themselves as lower risk than, say, hospitals, but the truth is that they have just as much sensitive personal information that is of value to criminals and can disrupt daily operations," said Javvad Malik, security awareness advocate at KnowBe4, via email.

"Once data has been accessed by criminals, even if an organization can restore from backup or pay a ransom, there is no limitation of what the criminals can do with the stolen data. This can include selling the data on to other criminals or using the data themselves to attack unsuspecting victims."

News URL

https://threatpost.com/embryology-data-breach-fertility-clinic-ransomware/167087/