Cyber attack on NorthBay Healthcare impacted over 570,000 patients

Non-profit healthcare provider NorthBay Healthcare Corporation said that the data security incident it suffered last year compromised the sensitive personal information of almost 570,000 individuals.

 

In a data security incident notice filed with the Office of Maine Attorney General, the Fairfield, California-based healthcare firm said that on February 23, 2024, it identified suspicious activity in its internal network. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

The investigation determined that an unauthorised threat actor gained access to the internal network of NorthBay Health between January 11, 2024 and April 1, 2024. NorthBay did not clarify why it took them more than 6 weeks to remove the unauthorised access from its network.

 

The compromised data included names, dates of birth, Social Security numbers, passport numbers, financial account numbers, medical information, biometric information, health insurance information, driver’s license numbers, state or other government-issued identification numbers, usernames and PINs.

 

The organisation’s filing with the Maine state regulator revealed that at least 569,012 individuals were impacted by the cyber security incident.

 

“We have taken steps to reduce the risk of this type of incident occurring in the future, including enhancing our technical security measures,” NorthBay Health said.

 

While the healthcare provider found no evidence of the compromised data being misused, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. It has also offered one year of complimentary identity protection and credit monitoring services through Experian Identity Works 3B to all affected individuals.

 

 

In April, the Embargo ransomware group claimed responsibility for hacking into the internal network of NorthBay HealthCare and listed it as a victim on its data leak site. However, it later removed the organisation from its leak site, possibly indicating that the healthcare provider made a ransom payment.