[BreachExchange] 69, 777 Patients Impacted by Allergy and Asthma Clinic of Fort Worth Hacking Incident

Destry Winant destry at riskbasedsecurity.com
Fri Aug 7 10:17:23 EDT 2020 

https://www.hipaajournal.com/69777-patients-impacted-by-allergy-and-asthma-clinic-of-fort-worth-hacking-incident/

Allergy and Asthma Clinic of Fort Worth has discovered an unauthorized
individual gained access to its computer systems and potentially
obtained patients’ billing information. The breach was detected on
June 4, 2020 and steps were immediately taken to prevent further
unauthorized access. The breach investigation revealed the hacker
gained access to the network on May 20, 2020.

A review of the compromised computer systems revealed the hacker
potentially accessed files containing patients’ names, addresses,
telephone numbers, dates of birth, Social Security numbers, insurance
information, and information regarding the reason for visits.

Cybersecurity professionals were retained to conduct a review Allergy
and Asthma Clinic of Fort Worth’s security measures and additional
protections will be implemented, as appropriate, to strengthen network
security to prevent further data breaches.

The breach report submitted to the Department of Health and Human
Services’ Office for Civil Rights indicates 69,777 individuals were
affected by the breach.

Chinese Hackers Targeted Biotech Firm Working on COVID-19 Vaccine

The Massachusetts-based biotech firm Moderna has been targeted by
hackers looking for COVID-19 research data. Moderna has been working
on a vaccine for COVID-19 and announced its vaccine candidate in
January. According to Reuters, the firm identified “information
reconnaissance activities” in January and has been in contact with the
FBI over the suspected attack.

The firm is believed to have been targeted by the Chinese hackers
indicted by the Department of Justice in July for conducting an
11-year campaign of cyber espionage attacks on U.S. businesses and
government agencies.

The reconnaissance is believed to have been part of an attempt to
steal data related to Moderna’s mRNA COVID-19 vaccine, which has
recently entered a phase III clinical trial.

“Moderna remains highly vigilant to potential cybersecurity threats,
maintaining an internal team, external support services and good
working relationships with outside authorities to continuously assess
threats and protect our valuable information,” said Moderna
spokesperson Ray Jordan.

More information about the BreachExchange mailing list