Onix Group Reports Ransomware attack and Data Breach
Learn More
Onix Group, LLC, a company that operates several healthcare facilities reported that a recent cyberattack resulting in an unauthorized party gaining access to confidential consumer data.
The ransomware attack was detected by Onix Group on March 27, 2023. In response, Onix Group took immediate measures to secure its systems and initiated an investigation with the assistance of external cybersecurity professionals.
The investigation conducted by Onix Group determined that an unauthorized party had gained access to certain sections of the company's computer network between March 20, 2023, and March 27, 2023. It was also discovered that the hackers had removed some files from the network, and these files contained confidential consumer information.
Upon discovering that sensitive consumer data had been exposed to an unauthorized party, Onix Group began reviewing the compromised files to ascertain the extent of the information that was compromised and identify the affected consumers. The breached information may vary depending on the individual, but it may include personal details such as names, Social Security numbers, dates of birth, as well as scheduling, billing, and clinical information.
To ensure affected individuals were promptly informed, Onix Group sent out data breach notification letters to the affected individuals. The notifications were provided to consumers who had received services from Addiction Recovery Systems, Cadia Healthcare, Physician's Mobile X-Ray, and Onix Hospitality Group.
Update
After conducting a forensic investigation, it was determined that unauthorized access to the systems occurred seven days prior to the deployment of ransomware and encryption of files. During this period, the cyber actors managed to exfiltrate sensitive data from the compromised systems.
Upon reviewing the stolen files, it was found that they contained the personal information of patients from several healthcare clients. The compromised data varied from individual to individual and potentially included
- names
- Social Security numbers
- dates of birth
- scheduling, billing, and clinical information.
Some of the files contained client information stored for HR purposes, such as employees' names, Social Security numbers, direct deposit details, and health plan enrollment information.
The breach is estimated to impact up to 319,500 individuals.
