August 19, 2024 at 11:42AM
Carespring Healthcare Management is notifying 77,000 individuals of a data breach that compromised personal and medical information dating back to October 2023. The investigation revealed unauthorized access to names, addresses, Social Security Numbers, and medical details. Affected individuals will receive 12 months of free identity monitoring services as the investigation continues.
It appears that the Ohio nursing home Carespring Healthcare Management experienced a data breach in October 2023, compromising personal and medical information of approximately 77,000 individuals. The breach was discovered on October 28, 2023, and an investigation revealed that unauthorized access to the network had potentially occurred between October 12, 2023, and October 30, 2023. The compromised information includes names, dates of birth, addresses, Social Security Numbers, medical and diagnosis information, and health insurance information.
Carespring has begun sending written notification letters to the affected individuals and has reported the incident to the Maine Attorney General’s Office. The organization has not found evidence of the compromised information being used for fraud, but they recommend vigilance in reviewing financial account statements and are offering 12 months of free identity monitoring services to the impacted individuals.
The investigation into the incident is ongoing, conducted by professionals and law enforcement. Although the specific type of cyberattack has not been disclosed, Carespring’s name has appeared on the leak sites of several ransomware groups, indicating a potential ransomware attack.
Additionally, it’s important to note that Carespring has been added to the leak sites of various ransomware groups, including Noescape, Hunters, and LockBit. This suggests that the stolen data may have been offered for sale or publicized by these ransomware groups.
Lastly, related news of ransomware attacks on other organizations is also mentioned, indicating a broader trend of ransomware incidents across different industries. This situational awareness could be valuable for the organization’s risk assessment and security planning.
Overall, this information highlights the urgency of strengthening cybersecurity measures and adopting proactive strategies to prevent and respond to data breaches and cyberattacks.