Refuah Health Center

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Refuah Health Center, a New York-based federally qualified health center, experienced a significant cybersecurity incident in May 2021 when it was targeted by a ransomware attack. The attackers, claiming to be part of the Lorenz Ransomware group, gained access to Refuah’s system used for viewing video from internal cameras monitoring facilities, leveraging a static four-digit code. From there, they were able to remotely access the network and exfiltrate approximately a terabyte of data, including sensitive patient information.

The compromised data included patient names, addresses, phone numbers, Social Security numbers, driver’s license numbers, dates of birth, financial account numbers, medical insurance numbers, and various health-related information

The breach affected the data of approximately 195,974 to 233,575 patients, with a significant number of those being New York residents

An investigation by the New York Attorney General’s Office found that Refuah had failed to maintain appropriate cybersecurity controls, such as decommissioning inactive user accounts, rotating user account credentials, using multi-factor authentication, restricting employee access to necessary data, and encrypting patient information

As a result of the breach and the subsequent investigation, Refuah Health Center has agreed to invest $1.2 million in cybersecurity measures and pay $450,000 in penalties and costs to the state of New York. The settlement also includes a requirement for Refuah to develop and maintain stronger information security programs, implement policies and procedures to limit access to consumer information, require multi-factor authentication, regularly change credentials, conduct semi-annual audits

Breach Submission Date Apr 29, 2022
Converted Entity Name Refuah Health Center
Converted Entity Type Healthcare Provider
State NY
Individuals Affected 260,740
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes