Fortra GoAnywhere hack impacted the University of Toledo Medical Centre

The University of Toledo Medical Centre in the US state of Ohio suffered a data breach after its debt collection service provider IntelliHartx became a victim of hackers exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT file transfer application.

Earlier this month, Ohio-based patient billing and management solutions provider Intellihartx, also known as ITx Companies, LLC, said it suffered a data breach that compromised the sensitive personal information of almost 500,000 patients.

The company said in an incident notification filed with the office of the Attorney General of Maine that on 2nd February, it discovered that its secure file transfer software provider Fortra was a victim of a cyber security incident.

The University of Toledo Medical Centre, one of the many organisations that use ITx as a service provider, said that it received a notification from ITx in April about a possible data breach.

“The University of Toledo is among the healthcare organizations impacted by the patient data privacy incident affecting Fortra. The company provides secure file transfer services for ITx, an agency that works with healthcare clients to collect patient open balances, including the University’s medical centre and clinics,” the medical centre said in a statement.

UTMC has, however, clarified that the incident was isolated to the third-party company and did not affect UToledo’s information technology systems.

The medical centre has launched an investigation to understand the scope of the cyber security incident and is in the process of determining whether any patient information was compromised in the data breach. If UTMC identifies any personal data being compromised, it will notify affected individuals accordingly.

Intellihartx is amongst a large number of organisations that were affected by the exploitation of a zero-day vulnerability in Fortra’s GoAnywhere MFT file transfer application. Earlier this year, Florida-based healthcare management company NationsBenefits also reported a data security incident that resulted from the exploitation of the same vulnerability.

The Clop ransomware group listed NationsBenefits as a victim on its data leak site and published sensitive personal information associated with the company’s customers. The compromised data included members’ names, addresses, phone numbers, dates of birth, gender, marital status, and insurance details.