BayMark Well being Providers, North America’s largest supplier of substance use dysfunction (SUD) remedy and restoration companies, is notifying an undisclosed variety of sufferers that attackers stole their private and well being data in a September 2024 breach.
The Texas-based group supplies medication-assisted remedy (MAT) companies concentrating on each substance use and psychological well being issues to greater than 75,000 sufferers day by day in over 400 service websites throughout 35 U.S. states and three Canadian provinces.
In knowledge breach notification letters mailed to affected people, BayMark revealed that it realized of the breach on October 11, 2024, following an IT techniques disruption. A follow-up investigation revealed that the attackers accessed BayMark’s techniques between September 24 and October 14.
“On October 11, 2024, we realized of an incident that disrupted the operations of a few of our IT techniques. We instantly took steps to safe our techniques, launched an investigation with the help of third-party forensic consultants, and notified legislation enforcement,” Baymark explains in an announcement printed on its web site.
“Our investigation decided that an unauthorized social gathering accessed a few of the recordsdata on BayMark’s techniques between September 24, 2024 and October 14, 2024. We then initiated a evaluate and evaluation of these recordsdata.”
Paperwork uncovered in the course of the incident contained varied sorts of knowledge for every affected affected person, together with their names and:
- Social Safety quantity,
- driver’s license quantity,
- date of delivery,
- companies obtained and dates of service,
- insurance coverage data,
- treating supplier and remedy and/or diagnostic data.
Baymark is now providing a yr of free Equifax id monitoring companies to sufferers whose Social Safety numbers or driver’s license numbers might have been uncovered within the incident.
A Baymark spokesperson was not instantly obtainable for remark when contacted by BleepingComputer earlier at present for extra data on the breach, together with the entire variety of affected sufferers.
Whereas the healthcare service supplier didn’t present additional particulars concerning the September assault, the RansomHub ransomware gang claimed the breach in October, saying it stole 1.5TB of recordsdata from Baymark’s compromised techniques. The information has since been uploaded on the risk actors’ darkish internet leak web site.
The RansomHub ransomware-as-a-service (RaaS) operation (previously referred to as Cyclops and Knight) surfaced virtually one yr in the past, in February 2024, and is targeted on data-theft-based extortion reasonably than encrypting victims’ techniques.
Since then, it has claimed accountability for a number of high-profile victims, together with the Ceremony Assist drugstore chain, the Christie’s public sale home, U.S. telecom supplier Frontier Communications, the Deliberate Parenthood sexual well being nonprofit, Kawasaki’s EU division, the Bologna Soccer Membership, and oil companies big Halliburton.
RansomHub additionally leaked Change Healthcare’s stolen knowledge after the BlackCat/ALPHV ransomware operation shut down after stealing $22 million in an exit rip-off.
Because it surfaced, the FBI says RansomHub ransomware associates have breached over 200 victims from a variety of crucial U.S. infrastructure sectors, together with authorities, crucial infrastructure, and healthcare, till August 2024.
The BayMark Well being Providers breach notifications come after the U.S. Division of Well being and Human Providers (HHS) proposed updates to the Well being Insurance coverage Portability and Accountability Act of 1996 (HIPAA) to safe sufferers’ well being knowledge in response to a surge of large healthcare safety breaches impacting affecting hospitals and People lately.
In October, UnitedHealth confirmed that it suffered essentially the most vital healthcare breach lately after the February Change Healthcare ransomware assault that affected greater than 100 million people.