Medsurant Health in Pennsylvania recently notified HHS that 45,000 patients were impacted by a breach. The patients are not yet being notified, however, because it seems Medsurant is still trying to figure out who needs to be notified.
In a statement published November 29, Medsurant stated that they received an email from a threat actor on September 30, telling them that data had been accessed and exfiltrated. Despite starting an investigation promptly, it appears that data exfiltration occurred beginning September 23 and continued until November 12.
As noted above, Medsurant is working to determine who needs to be notified. They do not reveal what type of ransomware was involved, but note that although some files were encrypted, they were able to restore them. Medsurant’s statement appears below.
Medsurant_Web