Intellihartx data breach exposed the personal and health info of 490,000 individuals

Intellihartx
is
notifying
about
490,000
individuals
that
their
personal
information
was
compromised
in
the
GoAnywhere
zero-day
attack
in
January.

The

Clop
ransomware
group
has
stolen
stole
personal
and
health
information
of
489,830
individuals
as
a
result
of
a
ransomware
attack
on
the
technology
firm
Intellihartx.
The
attack
took
place
earlier
this
year,
the
attackers
have
exploited
the

GoAnywhere
zero-day
vulnerability
tracked
as
CVE-2023-0669.

In
February,
the
Clop
ransomware
group claimed to
have
stolen
sensitive
data
from
over
130
organizations
by
exploiting
a
zero-day
vulnerability
(CVE-2023-0669)
in
Fortra’s GoAnywhere
MFT secure
file
transfer
tool.

“On
February
2,
2023,
ITx
discovered
that
its
secure
file
transfer
protocol
provider,
Fortra,
was
subject
to
a
data
privacy
event
that
potentially
impacted
ITx’s
clients’
patient
information
(“Fortra
Event”).
ITx
promptly
launched
an
investigation
to
determine
the
nature
and
scope
of
the
Fortra
Event.
On
March
24,
2023,
ITx
completed
its
initial
review
of
the
logs
provided
to
it
by
Fortra.
ITx
began
notifying
potentially
affected
data
owners
on
April
11,
2023.”
reads
the

data
breach
notification
issued
by
the
company.
“ITx
completed
a
further
review
of
the
additional
logs
provided
by
Fortra,
as
well
as
correspondence
with
the
unauthorized
party,
to
determine
the
scope
of
impacted
information
on
May
10,
2023.”

Compromised
data
may
include
name,
address,
medical
billing
and
insurance
information,
certain
medical
information
such
as
diagnoses
and
medication,
and
demographic
information
such
as
date
of
birth
and
Social
Security
number.

Intellihartx
is
not
aware
of
any
misuse
of
the
stolen
information.

The
company
notified
law
enforcement
regarding
the
security
breach
and
is
offering
free
credit
monitoring
services
for
one
year,
through
Experian,
to
the
impacted
individuals.
TITx
also
provided
impacted
individuals
with
guidance
on
how
to
prevent
identity
theft
and
fraud.

Intellihartx
is
the
latest
company
to
be
the
victim
of
the
massive

hacking
campaign
that
exploited
zero-day
in
Fortra’s
GoAnywhere
file-transfer
software.
Other
victims
of
the
Clop
ransomware
are

City
of
Toronto,

Rubrik,
Onex,
Axis,
Bank,
Rio
Tinto, Hitachi
Energy,
and
Virgin
Group.

Other
organizations
have
observed
exploitation
attempts
but
said
the
attack
had
limited
impact.

The
Cl0p
cybergang
has
also
claimed
responsibility
for
the
recent MOVEit
Transfer
MFT
zero-day
attack,
which impacted
several
major
organizations,
including
Irish
airline
Aer
Lingus,
British
Airways,
the
BBC,
UK-based
payroll
and
HR
company

Zellis,
and
the
Canadian
province
of
Nova
Scotia.

Follow
me
on
Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data
breach)

Share
On

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts