According to the confirmation from the corporation, thousands of healthcare members had their personal information stolen as a result of the cyberattack targeting Fortra customers. The company is now working to ensure that all members are notified and have access to resources for protecting their privacy.
Florida-based technology company NationsBenefits said in a data breach notice filed with New Hampshire’s attorney general that more than 7,100 state residents had their personal information stolen in the late-January ransomware attack on Fortra’s systems. The affected individuals include both citizens and employees of the state government. NationsBenefits estimated that the total value of all damage caused by the attack could be as high as $1 million.
Nationals Benefits provides supplemental benefits for health insurance members, such as vision, hearing and over-the-counter drugs. With this coverage, members can ensure that they’re always prepared for any unforeseen medical emergencies.
The data breach notice said hackers stole personal information of NationsBenefits members stored in its Fortra-hosted instance of GoAnywhere, a file transfer software tool used by thousands of organizations to share large sets of data over the internet. This incident could have serious consequences for the affected individuals, as their personal information could be used by criminals to Fraudulently obtain benefits or steal money from their bank account.
According to security researchers, a previously unknown vulnerability was exploited by hackers in the January mass-hack of Fortra’s GoAnywhere instances. The vulnerability allowed attackers to access user data on dozens of customer organizations. Clop ransomware gang claimed responsibility for the attack, alleging that they stole data on more than 100 organizations.
The data breach happened due to unauthorized access to the Nation’s database. This information was stolen and used in an attempt to commit fraud. Nation’s benefits members are warned not to sign up for any new accounts until they have been fully verified.
Bad news for NationsBenefits – their databases have been breached, and some of the data belongs to individual members. Michael Fried, a spokesperson for the company, told TechGround that they are ‘complying with all legal and commercial obligations in response to this incident’. However, he would not disclose which specific members’ data was stolen.
NationsBenefits, the online insurance provider, announced on Wednesday that the personal information of more than 2 million customers who live outside of New Hampshire had been hacked. The data breach was first reported in California, and it is not yet clear how many residents are affected. However, companies are legally obligated to disclose data breaches in California when 500 or more residents are affected.
Nations Benefits is one of the largest insurance companies in the United States. It provides coverage to millions of people, but now it has been hacked, and thousands of people may have had their personal information compromised. This breach could pose a risk to those members’ security and finances, and Nations Benefit ought to do everything it can to protect them. The company has not yet released a detailed timeline of when the attack occurred or how many people were affected, so anyone who thinks they may be one of those affected should check their account carefully for any suspicious activity.
The healthcare benefits company is one of the latest Fortra customers to confirm that it was affected by the January breach. The hackers allegedly stole data on at least one million patients, leading to concerns about the security of patient records.
Many experts have accused Fortra of hiding details of the breach behind a customer login wall, which only came to light when security reporter Brian Krebs published the company’s hidden disclosure online. Fortra initially believed that they had patched the vulnerability, but it was later discovered that they were actually hiding information concerning it. A week after publishing their disclosure, Fortra released a patch for the vulnerability.
Some customers who used Fortra’s online services to store their data were disappointed when they learned that their data had been stolen after hackers sent a ransom demand. After being informed of the theft, many of these customers contacted Fortra to find out if their data was actually safe. Fortra told some customers that their data was safe, only to find out weeks later that it had been stolen in fact.
Fortra likely became aware of the vulnerability through either their own research or that of security researchers. They worked with Nations Benefits to correct the vulnerability, but it is unknown whether or not anyone was compromised as a result.
In the days leading up to the data breach at Fortra, on-premise servers used by customers were hacked. The vulnerability that was exploited in these hacks is not yet publicly known, but it is likely that this attack was conducted with the same tool or tools used in the compromise of Fortra’s hosted systems.
One Fortra customer told ABC News that their account was hacked and more than $30,000 was stolen. The company spokesperson Rachel Woodford declined to say how many customers are affected or comment beyond the company’s blog post.