Timberline Billing Service, an Iowa based medical billing agency, has announced that it became a victim of a ransomware attack early this year that locked down its access to vital files since them.
The medical billing service offering firm is also into reimbursement services says that hackers might have exfiltrated a portion of data between Feb 12 and March 4, 2020, a suspected time frame when the malware intrusion might have taken place, as per security experts.
Timberline provides medical services to over 190 schools in Iowa and so student data of both current and former students (Around 116,131 individuals) is suspected to have been impacted.
Inquiries from Cybersecurity Insiders reveal that information such as data of births, student names, social security numbers, medical aid id numbers and other billing related information might have been leaked in the process.
From Oct’2020, Timberline reportedly contacted the students in Iowa on a digital note and informed them about the data leak from the cyber incident.
As of now, there is no evidence that hackers misused the stolen information. However, there is no guaranty that the hackers will never misuse the stolen data as there is every possibility that they will sell that information on dark web for monetary benefits.
Good news is that Timberline Billing Service LLC has already measures to improve its Cybersecurity posture by investing on new firewalls, server upgrades, resetting passwords and rotating them regularly, threat monitoring solutions and migrating the student data to cloud platforms for better data continuity.