U.S. Fertility (USF), touted as the largest network of fertility clinics in the United States, was hit by a ransomware attack by cybercriminals this 2020. The cyberattack ran from August to September of this year, with the attack obtaining personal details and sensitive information from users.
Tech Crunch states that it took more than two months for the firm to acknowledge the incident. However, there are no details telling why this is the case, only that it was the request of law enforcement agencies not to disclose the incident to the public from the get-go.
According to Tech Crunch, U.S. Fertility was founded in May as a partnership between Shady Grove Fertility and Amulet Capital Partners. Shady Grove Fertility holds approximately dozens of locations across the East Coast.
The joint venture now brings the total clinics under USF to 55 locations in the United States.
In a press release, the company has already acknowledged the attack that happened to the network.
In a statement, the company said, “the unauthorized actor acquired a limited number of files during the period of unauthorized access, which occurred between August 12, 2020, and September 14, 2020, when the ransomware was executed.”
The chief executive officer of the firm, Mark Segal, also made his sentiments known, saying “We take this incident very seriously and are committed to protecting the security and confidentiality of health information we gather in providing services to individuals.”
The incident reportedly gave way to their systems being down for a whole week, with certain networks experiencing infections from malware.
Among those compromised by the attack include personal information such as names and addresses, reports Bleeping Computer. Apart from these, the date of birth, MPI numbers, as well as the Social Security numbers of individuals have also been made vulnerable.
Despite this, USF believes that there has been no misuse of any individual’s information that stemmed from the incident, as stated in its press release. The company also maintained that “the types of information vary by individual.” Most have had their Social Security numbers remain safe from misuse.
Following the attack, USF reached out to third-party forensic experts to help detect the source of the attack and to help with the investigation of the cybersecurity incident. With the help of these specialists, the fertility network was able to reconnect its systems on September 20, 2020.
Besides this, the company has taken to notifying relevant authorities regarding the incident. In addition, U.S. Fertility has also enhanced its security measures, particularly its firewall, to prevent similar occurrences from happening again.
