Another 210,000 Americans Affected by Netgain Ransomware Attack

Written by

The number of Americans affected by a cyber-attack on a cloud hosting and IT services provider has increased by 210,000.

Netgain Technologies LLC, in St. Cloud, Minnesota, was forced to take some of its data centers offline after falling victim to a ransomware attack on November 23 last year. A few days after the attack, customers were emailed warnings that system outages or slowdowns may occur. 

The company provides services to several organizations in the healthcare and accounting industries, including Woodcreek Provider Service, a medical-practice management company in Washington state that provides support to pediatric clinics and urgent care centers owned and operated by MultiCare Health System.

On December 3, Netgain notified Woodcreek that the protected health information of patients was stored on servers affected by the cyber-attack and may have been accessed by threat actors. Other data that may have been compromised included the personal information of Woodcreek employees, healthcare providers, applicants, contractors, and individuals receiving services delivered by MultiCare Health Systems and/or Woodcreek Provider Service. 

According to a statement released March 9 by Woodcreek: "The information included names and addresses, medical record numbers, dates of birth, social security numbers, health insurance policy and identification numbers, insurance claims, explanation of benefits, statements, clinical notes, referral requests, laboratory reports, decision not to vaccinate forms, authorization requests for services, treatment approvals, records requests, immunization information, vaccine records, prescription requests, release of information forms, subpoena records requests, medical record disclosure logs, incident reports, invoices, correspondence with patients, student identification numbers, bank account numbers, employment related documents, court documents, Drug Enforcement Agency certificates, payroll withholding and insurance deduction authorizations, benefit and tax forms, employee health information and some medical records."

Confirmation of what data was involved in the attack was only received by Woodcreek on January 18, 2021. The company is now taking steps to notify affected individuals in writing.

Woodcreek said that since the incident took place, it has enhanced cybersecurity protocols and practices to improve the security of the data in its care. The company said it had received written assurances from Netgain that the IT services provider has added security enhancements within its network to proactively defend against future threats.

What’s hot on Infosecurity Magazine?