Norton Healthcare says it will alert 2.5 million patients whose personal information may have been compromised by cyberattack
About two and a half million people may have been affected by a ransomware attack on Norton Healthcare, the Louisville hospital company said Tuesday. It said they will get letters soon, alerting them that the attack “exposed a wide array of sensitive information,” Valerie Chinn of WDRB reports.
Last week, for the first time, Norton said it was the victim of a ransomware attack, had notified federal law enforcement officials and was “working with a respected forensic security provider to investigate and terminate the unauthorized access.” It said its medical-record system and MyChart system for patients were not violated.
Norton said, “Individuals whose information may have been impacted can sign up for two years of credit monitoring by following the instructions in written notification letters that are being mailed.” It urged them to “remain vigilant and continue reviewing account statements for unusual activity.”
Adrian Lauf, a computer science and engineering professor at the University of Louisville, told WDRB that the compromised information suggested that insurance fraud is a possible threat, so past Norton patients should watch out for fraudulent insurance claims.
“Lauf also said to err on the side of caution, and suggests contacting a national credit bureau to either submit a fraud alert and/or initiate a credit freeze,” WDRB reports. “He also suggests to verify or double-check any unknown numbers or emails that contact you.”
A federal class-action lawsuit filed against Norton July 21 by employees and patients whose personal information was stolen from Norton’s servers alleges that the company failed to notify those affected or the attorneys general of Kentucky and Indiana.
“A hacker group called BlackCat claimed responsibility for the attack and leaked files as proof,” WDRB reports. “Employees’ names, social security numbers and birth dates as well as patients’ personal information, credit card numbers and medical history are contained in documents obtained by WDRB News and available publicly on the dark web, a corner of the internet accessible via specialized web browsers. They had not been redacted, and appear to be authentic.
“The documents appeared to show a large amount of Norton’s financial information, including operating accounts and payroll accounts with a balance of tens of millions of dollars, credit card information, confidentiality agreements, patient imaging orders, vendor and bank information and business invoices. Norton serves about 600,000 patients a year with nearly $5 billion in assets.”