Maternal & Family Health Services hit with ransomware attack

Pennsylvania-based nonprofit health provider Maternal & Family Health Services has confirmed being impacted by a "sophisticated ransomware incident" months earlier, reports TechCrunch. Such an incident, which was initially reported to the provider on April 4, 2022, but may have begun since Aug. 21, 2021, has compromised current and former patients', employees', and vendors' sensitive data, including their names, birthdates, addresses, Social Security numbers, usernames and passwords, driver's license numbers, and medical and health insurance details, said MFHS in an advisory posted on its website. MFHS has not detailed the reason why it took nine months before it disclosed the attack. More details regarding the incident, including the name of the attackers and whether the demanded ransom has been paid, remain uncertain. Ransomware attacks were reported by Emsisoft to have impacted at least 25 healthcare providers and 290 hospitals across the U.S. last year, including CommonSpirit Health in Chicago, which compromised more than 620,000 patients' data.