Ransomware attack on Community Care Alliance compromised 2.5TB of sensitive patient data

Rhode Island-based healthcare provider Community Care Alliance said that the data security incident it suffered last year compromised the sensitive personal information of approximately 115,000 individuals.

 

Headquartered in Woonsocket, Rhode Island, Community Care Alliance provides mental health, substance use treatment, housing, and social services to individuals and families in need.

 

In a data security incident notice filed with the Office of Maine Attorney General, Community Care Alliance said that on July 6, it experienced a network disruption that affected certain systems in its internal network. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“Through the investigation, we learned certain information may have been accessed or acquired by an unauthorised individual between July 1, 2024 and July 5, 2024,” reads the notice.

 

The compromised data includes names, addresses, dates of birth, driver’s license numbers, Social Security numbers, diagnosis & condition, lab results, medications, patient ID numbers, health insurance information, provider names and other treatment information.

 

The healthcare provider said in its filing with the Maine state regulator that it identified at least 114,945 individuals who were impacted by the incident.

 

“In response to this incident,  we implemented additional technical safeguards to further enhance the security of data we maintain and to prevent something similar from happening in the future,” Community Care Alliance added.

 

The healthcare provider has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general.

 

It has also offered one year of complimentary identity protection and credit monitoring services through TransUnion to all affected individuals.

 

In July, the infamous Rhysida ransomware group claimed responsibility for the cyber attack on Community Care Alliance and listed it as a victim on its data leak site. The group claimed to be in possession of a 2.5 terabyte SQL database that contained patients’ personal data, addresses, SSN phone numbers, and credit card data. 

 

The group demanded a ransom of 5 Bitcoin and gave the healthcare provider a deadline of 2 days to meet the ransom demand, threatening to leak the stolen data if Community Care didn’t comply.