New Hampshire-based orthopedic service provider Access Sports recently disclosed a data breach impacting over 88,000 individuals.
The incident, discovered on May 10, was caused by a ransomware attack the company suffered.
After noticing unusual activity on its network, the company launched an extensive investigation, which revealed that threat actors had gained unauthorized access to files containing critical data on the network.
The compromised data included names, dates of birth, Social Security Numbers (SSNs), financial information, health insurance details and medical records.
Upon learning of the incident, Access Sports notified affected individuals and regulatory bodies, including the Maine Attorney General’s Office.
According to the notification sent to impacted individuals, the company believes there is no direct evidence that third parties have misused the stolen data.
“As of this writing, Access Sports has not received any reports of related identity theft since the date of the incident (May 10, 2024, to present),” reads the security advisory.
However, Access Sports offered complimentary fraud protection to all affected parties to mitigate any potential risk.
Shortly after the breach was detected, a ransomware group called Inc Ransom claimed the attack and listed the company on its dark web leak site.
The cybercrime group claims to have published extensive records allegedly exfiltrated from the company’s network, including contracts, confidential documents, financial data and employee records.
Inc Ransom emerged in July last year and has since actively targeted various organizations in the education, healthcare and government sectors.
After documenting the gang’s modus operandi, cybersecurity experts found the gang typically breaches systems, encrypts data, and steals potentially valuable information to leverage ransom payments.
Despite best cybersecurity practices, sometimes data can still leak out due to factors beyond the users’ control, including vulnerabilities in third-party systems, zero-day exploits, or a lack of appropriate security measures somewhere in the chain.
Specialized software like Bitdefender Digital Identity Protection can shield you from the dangers of data breaches by offering comprehensive monitoring of your online data and instantly notifying you of any breach involving it on both public and Dark Web sites.
It provides a comprehensive overview of your online data, including traces from services no longer used, and lets you instantly patch holes in your digital footprint with easy, one-click actions.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsSeptember 06, 2024
September 02, 2024
August 13, 2024
July 25, 2024