DataBreaches.net has found a second HIPAA-covered entity that has revealed that it was affected by the Accellion attack by CLOP threat actors.
On February 25, Trillium Community Health Plan in Oregon disclosed that they had been notified by Accellion on January 25 of the cyberattack that impacted dozens of Accellion’s clients.
In Trillium’s case, the exfiltrated data included name, date of birth, insurance ID number, and health information, including medical and treatment information.
The number of members was not disclosed, but letters were sent to them on February 26 offering them one year of credit monitoring and one year of identity theft restoration services. Trillium reported that it had no indication that any data had been misused. In response to the breach, one of the things Trillium did was to stop working with Accellion. It states that it “removed all of our data files from its system.”
Trillium does not indicate whether they received any ransom demand from the threat actors. The plan is not named on CLOP’s dedicated leak site at the time of this publication.
Great information, but I had a misunderstanding. Where is the confidence that this will actually be a working scheme?
Which/whose scheme? The threat actors’ or the health plan’s? I don’t understand your question.