SuspectFile reports:
The American Renal Associates (ARA) provides care to patients suffering from end-stage renal disease (ESRD) and is one of the largest dialysis service providers in the United States.
In a previous article, we reported on the theft of PHI and PII data from the servers of American Renal Associates by the Medusa ransomware group, which occurred on March 2nd. However, further investigations conducted recently have revealed a more serious situation than initially described.
Initially, it was believed that around 20,000 patients residing in various cities across the United States were involved in the data theft, but the actual number appears to be much higher. According to new documents examined, the number of patients involved is estimated to be over 37,700, although this figure is not definitive. Additionally, it is important to consider the number of employees and suppliers who have worked or are currently working for the U.S. company.
Read more at SuspectFile.