Back in February, there were media reports that Allergy Partners in North Carolina had been impacted by a ransomware attack on February 23. The threat actors, who were not identified, reportedly demanded $1.75 million ransom.
The medical practice was able to restore services in 8 days and noted that they had not paid any ransom. A notice was posted on their site on March 3 providing a status report on the situation .
Yesterday, they issued a press release that says that on March 16, they determined that exfiltrated data included protected health information.
But it seems that they have not yet notified affected patients.
Although the review is ongoing to identify the patients whose information is reflected in these documents, Allergy Partners is aware that, for some of its patients, the documents may contain one or more of the following: name, address, date of birth, health insurance information, driver’s license number, Social Security number, financial account numbers, and/or clinical, diagnosis, and/or treatment information.
Once the review is complete, Allergy Partners will mail letters to all patients whose information is identified in the documents involved.
DataBreaches.net has not seen any data from this incident on any dark web dedicated leak sites, but will update this post if data are found in the wild.