Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware

The Oregon Anesthesiology Group (OAG) said it suffered a ransomware attack in July that led to the breach of sensitive employee and patient information.

The breach involves the information of 750,000 patients and 522 current and former OAG employees. 

In a statement, the company said it was contacted by the FBI on October 21. The FBI explained that it seized an account that contained OAG patient and employee files from HelloKitty, a Ukrainian ransomware group. 

The FBI said it believes the group exploited a vulnerability in OAG’s third-party firewall, enabling the hackers to gain entry to the network. 

“Patient information potentially involved in this incident included names, addresses, date(s) of service, diagnosis and procedure codes with descriptions, medical record numbers, insurance provider names, and insurance ID numbers,” OAG explained. 

“The cybercriminals also potentially accessed current and former OAG employee data, including names, addresses, Social Security numbers and other details from W-2 forms on file.”

The July 11 attack locked OAG out of its servers and forced them to restore their systems from off-site backups and rebuild their IT infrastructure from the ground up. Outside cybersecurity experts were hired to help with the investigation into the attack. 

“According to the cyber forensics report obtained by OAG

Read More: https://www.zdnet.com/article/oregon-medical-group-notifies-patients-of-cybersecurity-breach-says-fbi-seized-hellokitty-accounts/#ftag=RSSbaffb68