Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach
A non-profit healthcare organization (HCO) dedicated to serving senior citizens has revealed the extent of a major ransomware breach earlier this year.
Jewish Home Lifecare, now known as The New Jewish Home, has been forced to notify over 104,000 customers about the incident, according to a filing with the Maine Office of Attorney General (OAG).
The New York City-based HCO posted a notice in February about a data breach incident that it discovered on January 7. However, it was unclear at the time how many were affected.
“The New Jewish Home determined that the information potentially impacted may have included information related to patients and other members of The New Jewish Home community, including name, address, date of birth, Social Security number, payment card information, financial account information, passport number, medical record information, and medical treatment information,” it said at the time.
Read more on healthcare breaches: Change Healthcare Hit by Cyber Extortion Again
After a lengthy review, the final number of victims was determined on July 17.
“The investigation determined an unauthorized actor accessed certain files on our network. We then conducted a thorough and extensive review of the potentially impacted data to determine the type of information contained therein and to whom the information related,” the breach notification letter explained.
“While there is no evidence to suggest that any information has been or will be fraudulently misused, we are providing this notification in an abundance of caution.”
The HCO urged affected customers to enrol in the complimentary credit monitoring and identity protection services it is offering.
Notorious ransomware group ALPHV/BlackCat claimed responsibility for the breach at the time, listing New Jewish Home on its leak site. However, the non-profit never confirmed this, and the ransomware collective has since disappeared after conducting what many believe to be an exit scam.
The group was responsible for a major ransomware breach at UnitedHealth Group’s Change Healthcare earlier this year.