Multiple Healthcare Provider Clients Affected by CaptureRx Ransomware Attack
At Least Three US Healthcare Providers Have Had Their Data Exposed After A Cyberattack Hit the Texas Management Services Company.
With 21 years of experience, CaptureRx is a San Antonio-based healthcare technology company and leading 340B solution provider that serves over 500 hospitals and health centers in 45 states via a robust pharmacy network of more than 3,500 contracted locations of independent, national, and regional pharmacies.
Image Source: CaptureRx
On February 6th, CaptureRx became a victim of a ransomware attack. An investigation revealed that certain files were accessed without permission, including first and last names, dates of birth, prescription information, and medical record numbers.
CaptureRx recently became aware of unusual activity involving certain of its electronic files. Following this, CaptureRx immediately began an investigation into this activity and worked quickly to assess the security of its systems. On February 19, 2021, the investigation determined that certain files were accessed and acquired on February 6, 2021 without authorization.
According to HIPAA Journal, a review of the accessed files in the CaptureRx ransomware attack was completed on March 19th, 2021, and affected healthcare provider clients were notified between March 30th and April 7th, 2021.
During the attack, hackers stole files containing personal health information (PHI) for more than 24,000 individuals.
Although it is currently unknown how many of its healthcare provider clients have been affected, or how many individuals were impacted by in the CaptureRx ransomware attack, a short list of victims has been provided by HIPAA Journal:
- The Mohawk Valley Health System affiliate, Faxton St. Luke’s Healthcare in New York – 17,655 patients.
- Randolph, VT-based Gifford Health Care – 6,777 patients.
- Thrifty Drug Stores (Thrifty White) – Currently unknown number of patients.
CaptureRx said no evidence was found suggesting that the data stolen in the attack was misused. However, individuals affected by the incident are advised to carefully monitor their bank accounts for fraudulent activity.
Data privacy and security are among CaptureRx’s highest priorities, and there are extensive measures in place to protect information in CaptureRx’s care. Upon learning of this incident, CaptureRx moved quickly to investigate and respond. This investigation and response included confirming the security of CaptureRx’s systems, reviewing the contents of the relevant files for sensitive information, and notifying covered entities associated with that sensitive information.
Additionally, the company’s policies and procedures are being reviewed and enhanced and additional workforce training is being conducted to avoid similar attacks in the future. CaptureRx is currently working with healthcare providers to notify individuals whose information was contained in the subject files as well as appropriate regulatory authorities.
The company has established a dedicated assistance line at (855) 654-0919 (toll-free), Monday – Friday, 9:00 a.m. to 5:00 p.m., Eastern Time for any questions individuals may have.