[BreachExchange] GenRx Pharmacy Ransomware Attack Resulted In Data Breach

Destry Winant destry at riskbasedsecurity.com
Mon Jan 4 11:06:43 EST 2021


https://latesthackingnews.com/2021/01/04/genrx-pharmacy-ransomware-attack-resulted-in-data-breach/

A huge cyberattack affecting the American GenRx Pharmacy potentially
resulted in a data breach. The incident affected hundreds of thousands
of patients exposing their health data.

GenRx Pharmacy Data Breach Through a recent press release, GenRx
Pharmacy, a healthcare facility headquartered in Scottsdale, Arizona,
has disclosed a data breach. The pharmacy has blamed a ransomware
attack for the breach that hit its network lately. Specifically, the
service noticed the ransomware attack on its network on September 28,
2020.

Following this incident, the service started investigating the matter
by involving IT experts. Although, the pharmacy’s business remained
unaffected during the incident as they had uninterrupted access to all
their backups. Also, they managed to quickly fend-off the attack.

As stated in the press release, "together with forensic experts, the
pharmacy terminated the cybercriminals’ access to the pharmacy’s
systems the same day (September 28, 2020) and confirmed that an
unauthorized third party deployed the ransomware only one day before
(September 27, 2020).

However, further investigations made them realize that, while the
attacks failed with the ransomware attack, they did manage to steal
some files from the company network.

The stolen data included the health information of some patients that
the pharmacy collected to manage the shipment of prescribed products.
Specifically mentioning the affected details, the notice reads, "The
cybercriminals accessed and removed the following health information
of certain former GenRx patients: patient ID, transaction ID (a number
generated to process the prescription, not related to patient
financials), first and last name, address, phone number, date of
birth, gender, allergies, medication list, health plan information
(including member ID), and prescription information." Nonetheless,
patients’ financial data and SSNs remained safe as the pharmacy
doesn’t collect this information.

While the press release doesn’t explicitly mention the number of
affected patients, the U.S. Department of Health and Human Services
breach report shows that the incident affected 137,110 patients.

What Next? Following the cybersecurity incident, GenRx strengthened
its system security by deploying additional antivirus and implementing
other security measures. Whereas, to the patients, they advise
monitoring of account statements as a precaution.


More information about the BreachExchange mailing list