PHI Exposed Due to Ransomware Attacks on the University of Miami Health and Mott Community College

A ransomware attack on Accellion, a file transfer service company, permitted unauthorized individuals to access the protected health information (PHI) of University of Miami Health patients.

The University of Miami Health employed Accellion’s file transfer technology for sharing files that were too big to be sent through email. The University of Miami mentioned that only a few people at the university employed the Accellion solution. Quick action was undertaken to limit the impact of the breach. After that attack, the university has discontinued utilizing Accellion’s file transfer solutions.

The investigation into the ransomware attack is continuing and the audit of the files that were gotten or potentially breached in the attack is not yet finalized, thus the number of individuals impacted by the attack is still unknown.

The University of Miami is convinced that none of its systems were affected in the attack and that the university just transmitted or received a few files using Accellion’s file transfer services.

The group responsible for the attack required a $10 million ransom for the keys to decrypt files and keep the data from being shared on the web or offered for sale on dark websites. A number of the records stolen in the attack were already shared on the gang’s leak webpage, which includes certain information concerning University of Miami Health patients.

The University of Miami was one of Accellion clients that was affected by the breach. The others were Kroger, the University of Colorado, Arizona Complete Health, Shell Oil And Centene.

Mott Community College Ransomware Attack Impacted 1,612 Dental Plan Members

Mott Community College has advised 1,612 people that unauthorized persons got files with their PHI prior to using ransomware on its systems.

Upon becoming aware of the attack, a third-party cybersecurity agency helped investigate the attack to find out the magnitude of the security breach. The review showed that the attackers obtained access to its network from November 27, 2020 up to January 9, 2021.

On January 23, 2021 Mott Community College learned that the attackers exfiltrated sensitive details before deploying the ransomware and that certain files were linked to people who use the self-insured dental plan. An assessment of those records affirmed that they included names, birth dates, and dental plan registration and claims data for persons enrolled in the dental plan in 2014-2015, and 2019.

On March 24, 2021, Mott Community College began mailing notification letters to all people impacted. Though data exfiltration was affirmed, it doesn’t indicate the hackers viewed, disclosed, or misused the contents of the documents. Mott Community College has already enforced supplemental safety measures and technical security procedures to avert any other attacks, which include multifactor authentication for all system and email access and supplemental password requirements.