Ransomware attack on medical billing provider impacted about 140,000 patients

Medical billing and revenue management company Catalyst RCM experienced a data security incident in early November that compromised the personal, financial and healthcare information of close to 140,000 patients.

 

The revenue cyber management company, which offers healthcare companies with specialised medical billing, coding, and business analytics solutions, announced in a press release earlier in February that a data security incident involving its internal systems in November compromised sensitive data of individuals who received diagnostic laboratory testing services. 

 

The company said that on November 13, it was made aware of suspicious activity involving information stored in its secure file management system. The company quickly launched an investigation and determined that malicious actors used an authorised system login and password combination to access an internal server between November 8 and 9.

 

Based on this information, Catalyst RCM launched a thorough review of the data to ascertain how much of the compromised information was sensitive and who the data belonged to. Having completed the review on December 12, the company then began the process of notifying individuals.

 

"The categories of information that may be involved varies by individual, but could include some combination of name, date of birth, payment card information with access code, medical treatment, history, or diagnosis information, and health insurance information," the medical billing provider said.

 

"Catalyst reviewed and updated its protocols, policies, and procedures to reduce the likelihood of a similar event occurring in the future. Though we have no evidence of identity theft or fraud related to the event, we are offering complimentary credit monitoring and identity restoration services to individuals whose information may have been impacted," it added.

 

The data security incident at Catalyst RCM reportedly impacted Vikor Scientific, one of its leading clients in the healthcare industry. The Charleston-based molecular diagnostics company, now rebranded as Vanta Diagnostics, recently informed the U.S. Department of Health and Human Services Office for Civil Rights that the data security incident impacted about 140,000 patients.

 

The data security incident at Catalyst RCM also compromised patient data associated with KorPath, a Tampa, Florida-based anatomical and molecular pathology diagnostic company and Korgene, a Vikor Scientific subsidiary that provides genetic testing services, including pharmacogenetics, to analyze how genes affect a person’s response to drugs.

 

According to Catalyst RCM, the data security incident did not impact any other client aside from Viktor Scientific, KorPath and Korgene diagnostic laboratories. 

 

KorPath and Korgene did not announce the number of affected patients but the Everest ransomware group, which claimed a ransomware attack on Catalyst RCM in November, claimed that it stole about 12 gigabytes of information associated with Viktor Scientific, KorPath and Korgene. None of the affected companies have responded to the ransomware group’s claims yet.