Brightline, a pediatric mental health provider, warned patients that a data breach occurred on January 30th, affecting 783,606 people.
Brightline posted a notice on its website earlier this week, saying the breach was related to a zero-day vulnerability in its secure file-sharing platform, Fortra GoAnywhere MFT.
“Through its investigation, Fortra said it had identified a previously unknown vulnerability that an unauthorized third party used to gain access to certain Fortra customer accounts and download files. increase.
According to Brightline, an investigation determined that the incident was limited to the Fortra service and had no impact on the network. However, the data stolen in the breach included confidential patient information.
“[This] potentially [includes] A combination of the following data elements: an individual’s name, address, date of birth, member ID number, health insurance enrollment date, and/or employer name,” the company wrote.
According to Bleeping Computer, these attacks were carried out by the Clop ransomware gang using the command injection vulnerability CVE-2023-0669.
More information about the vulnerability and Clop can be found here: GoAnywhere MFT Flaw Exploited by Clop Ransomware Group
“The fact that the Clop ransomware gang was able to sustain a breach in the Brightline environment for months even after exposing it to the portal is very telling of the state of information security in the healthcare industry.” commented Associate David Benas. Principal of the Synopsys Software Integrity Group He is a consultant.
“Proactive protection against vulnerabilities is very important, but in situations like this, it is even more important, if not more important, to prove you have a strong incident response capability before you are compromised. This incident shows that it is just as important.”
James Graham, VP of RiskLens, echoed Benas’ point, saying that members of the healthcare industry are often targeted by threat actors, making healthcare organizations very secure in their cybersecurity investments. says it needs to.
“Part of this is using the FAIR standard to perform a quantitative risk assessment to provide an overview of risk in terms of probability and cost, so security investments can be made more efficiently. .”
