US Fertility (USF) reached a $5.75 million settlement to resolve allegations of negligence following a 2020 ransomware attack and data breach that impacted nearly 900,000 individuals. USF provides IT platforms and services to a network of more than 200 physicians across 100 clinic locations and more than two dozen IVF laboratories.
In September 2020, threat actors were able to infiltrate USF’s network and encrypt a number of servers and workstations connected to its domain. USF’s initial breach notice stated that it immediately removed systems from its network upon discovery and engaged third-party experts.
Further investigation determined that an unauthorized party had acquired a limited number of files between August 12, 2020 and September 14, 2020, when they executed the ransomware attack. The information involved in the cyberattack included names, addresses, MPI numbers, dates of birth, and some Social Security numbers.
Read the source article at The HIPPA Journal