Fertility Centers of Illinois hit by cyberattack affecting 80K patient data

Cyber criminals have compromised Fertility Centers of Illinois (FCI) and laid their hands-on 80,000 intimate patient data. The US Department of Health and Human Services (DHHS) report shows that the actual FCI data that was compromised is of 79,943 individuals.

As per FCI report, the breach was detected on its internal systems on Feb 01, 2021. After an investigation of the attack, it was found that the FCI security protocols have blocked the attackers from accessing the medical records of the patient but they managed to sneak and find the admin files.

The FCI conducted further forensic and analysis on the accessed files and found that FCI specific patient records have been the one that was compromised. However, the misuse of the data has not been seen yet. The PII details associated with the compromised data could be very sensitive and can be very harmful if used for malicious intent.

Data compromised under the FCI cyberattack

Although the exact modus operandi of the attack is no known, the compromised data include patient names, social security numbers, credit/debit card details, diagnosis and treatment reports, medication, prescription,  bank account details, passport information, employee ID numbers, bills, health insurance numbers, master patient index, patient login credentials, and few other medical data.

The treasure of the sensitive and intimate data

Actors have compromised these sensitive and intimate data, and the same could have a huge value in the dark web. A similar case was seen in Las Vegas, when a hacker breach PII medical data and was sentenced to 12.5 years of prison, the data was used to claim Department of Defense and Administration benefits.

Adding to the investigations put forth by FCI team, they started employee security practices and training to enhance their security posture.

“Please be assured that we have invested considerable resources to ensure that such a vulnerability does not exist in the future” – FCI.

Perk of attacking healthcare industry

In recent years, the healthcare industry has been the sweet spot for cyber criminals as the benefits are massive. The recent Apache Log4j vulnerability had made things even more simple for the threat actors, as the healthcare industry is also patching and fixing the Log4j vulnerability for past few weeks.

The DHHS Task Group issued a report on how devastating the Log4j vulnerability could be for healthcare organizations if not taken care properly.

Since the attackers are deploying double- and triple-extortion ransomware attacks, the compromised data can be encrypted, sold and also deleted giving the attackers multiple levels of leverages and ransom demands from the victims.

Was FCI’s critical data outside their network monitoring?

As per Jake Williams, Co-Founder and CTO at BreachQuest, the FCI’s compromised devices and data could have been outside of their network monitoring and security layers without proper data protection protocols in place.

The data could have been outside of their EHR system as well, which should have been a sweet spot for the actors. When a proper domain and MFA authentication are in place, cases like FCI data breach could have been avoided.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.