BayMark Well being Providers, North America’s largest supplier of substance use dysfunction (SUD) therapy and restoration companies, is notifying an undisclosed variety of sufferers that attackers stole their private and well being data in a September 2024 breach.
The Texas-based group supplies medication-assisted therapy (MAT) companies concentrating on each substance use and psychological well being issues to greater than 75,000 sufferers day by day in over 400 service websites throughout 35 U.S. states and three Canadian provinces.
In knowledge breach notification letters mailed to affected people, BayMark revealed that it discovered of the breach on October 11, 2024, following an IT methods disruption. A follow-up investigation revealed that the attackers accessed BayMark’s methods between September 24 and October 14.
“On October 11, 2024, we learned of an incident that disrupted the operations of some of our IT systems. We immediately took steps to secure our systems, launched an investigation with the assistance of third-party forensic experts, and notified law enforcement,” Baymark explains in an announcement printed on its web site.
“Our investigation determined that an unauthorized party accessed some of the files on BayMark’s systems between September 24, 2024 and October 14, 2024. We then initiated a review and analysis of those files.”
Paperwork uncovered through the incident contained numerous sorts of knowledge for every affected affected person, together with their names and:
- Social Safety quantity,
- driver’s license quantity,
- date of start,
- companies acquired and dates of service,
- insurance coverage data,
- treating supplier and therapy and/or diagnostic data.
Baymark is now providing a yr of free Equifax id monitoring companies to sufferers whose Social Safety numbers or driver’s license numbers might have been uncovered within the incident.
A Baymark spokesperson was not instantly out there for remark when contacted by BleepingComputer earlier in the present day for extra data on the breach, together with the entire variety of affected sufferers.
Whereas the healthcare service supplier didn’t present additional particulars concerning the September assault, the RansomHub ransomware gang claimed the breach in October, saying it stole 1.5TB of information from Baymark’s compromised methods. The information has since been uploaded on the menace actors’ darkish internet leak website.
The RansomHub ransomware-as-a-service (RaaS) operation (previously often known as Cyclops and Knight) surfaced nearly one yr in the past, in February 2024, and is targeted on data-theft-based extortion moderately than encrypting victims’ methods.
Since then, it has claimed duty for a number of high-profile victims, together with the Ceremony Assist drugstore chain, the Christie’s public sale home, U.S. telecom supplier Frontier Communications, the Deliberate Parenthood sexual well being nonprofit, Kawasaki’s EU division, the Bologna Soccer Membership, and oil companies large Halliburton.
RansomHub additionally leaked Change Healthcare’s stolen knowledge after the BlackCat/ALPHV ransomware operation shut down after stealing $22 million in an exit rip-off.
Because it surfaced, the FBI says RansomHub ransomware associates have breached over 200 victims from a variety of vital U.S. infrastructure sectors, together with authorities, vital infrastructure, and healthcare, till August 2024.
The BayMark Well being Providers breach notifications come after the U.S. Division of Well being and Human Providers (HHS) proposed updates to the Well being Insurance coverage Portability and Accountability Act of 1996 (HIPAA) to safe sufferers’ well being knowledge in response to a surge of large healthcare safety breaches impacting affecting hospitals and People in recent times.
In October, UnitedHealth confirmed that it suffered probably the most important healthcare breach in recent times after the February Change Healthcare ransomware assault that affected greater than 100 million people.
