Cyberattackers Hit Data of 80K Fertility Patients

Fertility Centers of Illinois’ security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files.

The protected health information of nearly 80,000 patients of Fertility Centers of Illinois (FCI) may have been pawed over by cyber intruders following a cyberattack.

FCI runs four clinics across Illinois. According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ data breach site, the breach – reported on Dec. 27 – affected 79,943 people.

FCI’s data breach notice (PDF) said that the healthcare organization first detected suspicious activity on its internal systems on Feb. 1, 2021. A subsequent investigation indicated that security systems had blocked attackers from accessing patient EMR (electronic medical records) systems. However, the intruder(s) managed to access administrative files and folders.

FCI said that it immediately launched a “thorough and comprehensive review” of its records to identify the files accessed, the information contained in those files and the individuals to whom that information pertained.

By Aug. 27, 2021, FCI had determined that information related to certain FCI patients was included in the set of files that had been improperly accessed. One positive finding so far:

Read More: https://threatpost.com/cyberattackers-data-80k-patients-fertility-centers-illinois/177467/