Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack

Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago.

Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago.

In late November 2020, Netgain, which provides managed IT services to organizations in sectors such as accounting, healthcare, and legal, fell victim to a ransomware attack that also resulted in the compromise of customer data.

By January 2021, Netgain had informed affected organizations of the incident, and numerous healthcare services providers began  sending  data breach notices over the next several months, including Ramsey County’s Family Health division, Woodcreek Provider Services, Sandhills Medical Foundation, Apple Valley Clinic, Neighborhood Healthcare, San Diego Family Care (and Health Center Partners of Southern California), SAC Health System, SouthCare Carolina, and Caravus.

Ransomware Virtual Event

During summer, more healthcare provides disclosed impact from the incident, including Minnesota Community Care, CentraCare Health and Carris Health – Willmar Lakeland Clinic, Family Health Centers of San Diego, Imperial Beach Community Clinic, and LifeLong Medical Care.

Last week, Caring Communities and Entira Family Clinics also  revealed the impact from the Netgain ransomware attack and began telling patients that their personal information might have been leaked.

In addition to medical history, data that was potentially compromised in the attack includes names, addresses, and Social Security numbers, both organizations said in their notification letters.

Entira told the Maine Attorney General’s Office that data of roughly 200,000 individuals was compromised in the incident. Overall, the Netgain incident appears to have impacted the data of more than 1 million patients.

Related: MRIoA Discloses Data Breach Affecting 134,000 People

Related: 400,000 Individuals Affected by Email Breach at West Virginia Health Firm

Related: Preventing a Cyber Pandemic in Healthcare

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.