Today’s post is a reminder that purging files is helpful, but remember to empty the recycle bin.
A listing on WorldLeaks’ darkweb leak site yesterday claims that WorldLeaks acquired 1.5 TB of data from MPOWERHealth, comprising 1,622,547 files.
MPOWERHealth describes itself as providing innovative healthcare solutions, specializing in Intraoperative Neuromonitoring (IONM), Surgical Assist, and Care Management. It is headquartered in Addison, Texas.
DataBreaches was able to preview part of what was tagged as an incomplete leak. The available files revealed internal files from one drive. Of greater concern, there were a lot of files with protected health information (PHI) involving health insurance claims and explanation of benefits (EOBs). Those files were sitting, intact and unencrypted, in the Recycle Bin.
In addition to all the health insurance-related files, DataBreaches also noted a file with logins and passwords and files detailing the entity’s cyberinsurance policy. DataBreaches does not know if WorldLeaks had found the policy or read it before setting the amount of their demand, and does not know how much WorldLeaks demanded.
When asked, a WorldLeaks spokesperson informed DataBreaches that they gained access to MPOWER Health on June 29, and there were some negotiations:
They were in touch with us. Their last message was: “We apologize for the delay, there have been some internal conflict that needed to be resolved before making any decisions. Additionally, there are significant concerns regarding the current price point. Is your organization willing to be flexible with the price before moving forward?”
And they are gone.
According to their answer to a follow-up inquiry, MPOWERHealth stopped responding after WorldLeaks answered their query about flexibility by stating that they needed to pay the full price. “They didn’t even argue,” the spokesperson stated.
DataBreaches emailed MPOWERHealth to ask about the incident and their response, but has received no reply to two email requests.
The amount of data and number of files was updated post-publication after WorldLeaks leaked all of the data. The full leak also contained many more files involving internal documents and insurance billing-related files.