A ransomware attack that took place in Arizona based pharmacy GenRx on Sept 28th, 2020 is said to have put the data of over 137,000 patients to risk says a report. Since the victim denied paying the ransom; the hackers leaked some stolen data from the Scottsdale located healthcare organization onto the dark web.
GenRx reportedly hired a third party security firm to investigate the attack and its impact and concluded that the threat actors stole a portion of data from the pharmacy systems. The information that has been siphoned includes weekly/monthly quota of medicines that are shipped to patients as per the needs.
The hack seems to be sophisticated as the cyber criminals accessed and wiped out certain healthcare information that includes addresses, phone numbers, date of births, patient gender, allergic reactions of some patients to certain drugs, medical prescription, health plan information and insurance details.
As the pharmacy stores data regarding HIPAA compliance policies planned by US Department of Health and Human Services Office of Civil Rights, it has uploaded the breach details onto the HIPAA Breach Portal.
The company claims that hackers accessed the information of only 5% of its patient database and were blocked on time before they could take the entire database to encryption driven custody.
Details such as the ransomware variant and the ransom amount has not been disclosed by Genrx yet.