Ransomware attack on health care company, CaptureRx, exposes multiple providers

A ransomware attack against CaptureRx, a drug-related administrative service provider in San Antonio, Texas, resulted in the exposure of the health information of patients or customers at several health care providers across the U.S., reports ZDNet. Faxton St. Luke’s Healthcare and the Lourdes Hospital in New York, Gifford Health Care in Randolph, Vermont, and UPMC Cole and UPMC Wellsboro in Pennsylvania, along with several Thrifty Drug Stores reported that their patients or customers’ health information were exposed and stolen in the incident. According to CaptureRx, its team began an investigation of its systems after being notified Feb. 6 of an “unusual activity involving certain of its electronic files.” The company confirmed by Feb. 19 that patient files, including prescription information, names, medical record numbers and dates of birth, have been accessed and stolen. The company alerted all of the affected healthcare providers from March 30 to April 7. They also helped the providers contact all individuals who may have had their information compromised.