CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches·Ransomware

400,000 Impacted by CentroMed Data Breach

The personal information of 400,000 individuals was compromised in a data breach at El Centro Del Barrio (CentroMed). The post 400,000 Impacted by CentroMed Data Breach appeared first on SecurityWeek.

San Antonio-based healthcare provider El Centro Del Barrio (which operates as CentroMed) is informing 400,000 patients that their personal and protected health information was compromised in a recent cyberattack.

The data breach was discovered on May 1, 2024, after a threat actor gained access to the organization’s network on April 30, CentroMed said in an incident notice (PDF) on its website.

“While in our IT network, the unauthorized party accessed and/or acquired files that contain information pertaining to CentroMed’s current and former patients,” the healthcare provider said.

The potentially exposed information, the organization announced, included names, addresses, dates of birth, medical and health information, insurance information, Social Security numbers, financial account information, and medical claims data.

“For patients whose information may have been involved in the incident, we recommend reviewing the statements they receive from their healthcare providers and contacting the relevant provider immediately if they see services they did not receive,” CentroMed said, encouraging all patients to review financial statements for unusual activity.

The organization started notifying the potentially impacted individuals on May 17 and has informed the US Department of Health and Human Services (HHS) that a total of 400,000 former and current patients were affected by the data breach.

This is the second hacking incident that CentroMed has suffered over the past year, after falling victim to the Karakurt extortion group in June 2023.

Disclosed in August 2023, the data breach resulted in the personal information of 350,000 patients, employees, employee spouses, partners, and dependents being compromised.

Karakurt claimed the theft of roughly 42 gigabytes of data from CentroMed, but does not appear to have leaked it publicly.

CISA, the FBI, the US Treasury, and FinCEN issued an alert on Karakurt in June 2022, warning that it would typically exfiltrate victim data and hold it for ransom, without deploying file-encrypting ransomware. HHS issued a similar alert in August 2022.

Related: MediSecure Data Breach Impacts Patient and Healthcare Provider Information

Related: 900k Impacted by Data Breach at Mississippi Healthcare Provider

Related: Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service

Latest News

CYBERNEWSMEDIAPublisher