Contents:
Mom’s Meals, a medical meal delivery service operated by PurFoods in the U.S., has alerted its users about a significant ransomware attack. The breach has compromised the personal information of approximately 1.2 million customers, employees, and independent contractors.
The initial signs of suspicious network activity came to light in February, prompting the company to enlist third-party specialists to conduct an investigation.
What Happened?
The investigation revealed that the firm had fallen victim to a cyberattack between January 16 and February 22, during which specific files on their network were encrypted by the attackers.
Forensic evidence suggested the presence of tools frequently used in data theft on the company’s system.
Upon identifying suspicious account behavior on February 22, 2023, we launched an investigation with the help of third-party specialists.
The investigation determined that we experienced a cyberattack between January 16, 2023, and February 22, 2023, that included the encryption of certain files in our network.
Because the investigation identified the presence of tools that could be used for data exfiltration (the unauthorized transfer of data), we can’t rule out the possibility that data was taken from one of our file servers.
PurFoods Notice (Source)
An anonymous employee from Mom’s Meals, in March 2023, hinted at operational disruptions to an Iowa news outlet, attributing missed work and pay to “an internet issue”, explains Bleeping Computer.
What Type of Data Was Compromised?
The compromised data includes:
- Birthdates
- Driver’s license numbers
- State IDs
- Financial details
- Payment card info
- Medical records and related data, including Medicare and Medicaid IDs, treatment details, diagnosis codes, meal costs, health insurance details, and patient IDs.
- Social Security Numbers, though only for a small fraction (>1%) of the affected individuals.
The breach’s total impact is believed to involve 1,237,681 individuals, as reported to the Office of the Maine Attorney General by PurFoods. Affected parties are being offered 12 months of complimentary credit monitoring and identity protection services through Kroll.
Given the nature of the exposed data, victims are at significant risk of sophisticated scams, phishing, and targeted attacks.
All those affected are urged to exercise caution when dealing with unexpected communications, be it through email, texts, or phone calls.
The company’s notice, which can be found here, outlines the steps their clients can follow to protect their personal information.
If you want to learn more about: how ransomware spreads, how to mitigate and how to prevent ransomware attacks, check out the linked articles.
If you liked this piece, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.