US medical data breach caused by the Fortra GoAnywhere vulnerability

Even though the world moved on to incidents related to exploiting MOVEit vulnerability, there are still reports of data breaches stemming from the eariler Fortra GoAnywhere expoited vulnerability.

Intellihartx, a Tennessee-based company that handles patient payment balances and collections, reported that 489,830 patients had their information compromised. The exposed data includes

• names
• addresses,
• dates of birth,
• Social Security numbers,
• medical billing and insurance details,
• diagnoses,
• medication.

This incident is part of a larger mass ransomware attack on Fortra's GoAnywhere managed file-transfer software, attributed to the Clop ransomware group, resulting in the theft of millions of patients' health information across multiple companies.

Intellihartx states they have taken immediate action to address the breach (no details), filing the required data breach notifications and initiating a written notification process for affected individuals providing them with essential details and steps to mitigate potential harm.