National Vascular Care Provider Confirms Cyber Attack; 348k Exposures
Table of Contents
- By Steven
- Published: Feb 15, 2024
- Last Updated: Feb 16, 2024
Azura Vascular Care operates a national network of health and wellness centers. They specialize in minimally invasive procedures and strive to treat vascular conditions in comfortable, out-patient settings. They offer healthcare in 25 states with multiple facilities and specialized teams. At the end of last year (2023), Azura discovered a threat actor within their network environment; officials removed the threat, but not before the criminals obtained 348k patient records.
How Did the Attack Occur?
Everything the public knows about the event comes from Azura’s website statement, except for the reported impact figure, which comes from the Department of Health and Human Services. According to Azura, an unauthorized actor accessed their network environment and began encrypting files. The statement does not indicate how the assailants made the attack possible or if there were ransom demands for the safe recovery of the accessed data. At this time, signs point to a ransom or malware infection, but we can only speculate until more is made public.
What Information Was Viewed or Stolen?
The cybercriminals impacted various data elements in this event, but some victims have unique exposures (explained within their impact notice). Consequently, some victims may find their compromised data includes names, mailing addresses, dates of birth, demographic and contact information, Social Security Numbers, insurance policies and guarantor details, diagnosis and treatment details, and medical or billing records. Some victims may have also had their appointment information and specific medical histories exposed in the incident. The data compromised in this event is susceptible and can be misused if it falls into a bad actor’s hands; victims must immediately take up safeguards.
How Did Azura Vascular Care Admit to the Breach?
Azura’s statement suggests that the attack began around September 27th, 2023, or at least when encryptions began to appear within their network. It is unclear when or how officials discovered the breach, but around a month later, they confirmed that the incident impacted some information in the systems. A week later, they confirmed the data included that of patients and other individuals with information stored in the encrypted files. Officials notified the Department of Health and Human Services around January 13th, 2024, which may indicate that Azura is working to send impact notices to victims.
What Will Become of the Stolen Information?
The data stolen in this event is primarily identity and medical information belonging mainly to patients of Azura’s services. The stolen details are sensitive, which may cause issues for victims in the future if criminals misuse them. Those with duplicate account information (where a username and password get used for multiple accounts) are in particular danger because the assailants could use the information to breach other systems with the same credentials. Moreover, at any time, the criminals could misuse the data for identity or medical fraud, impersonation, or extortion.
What Should Affected Parties Do in the Aftermath of the Breach?
Azura’s statement suggests that officials are sending notices to impacted parties—which may also mean their investigations are ongoing. Victims will likely receive their impact notice in the upcoming weeks, but they don’t need to wait for it to start safeguarding their data. They should consider account monitoring services for profiles they cannot oversee consistently, and patients must request itemized statements from their providers. It may be a sign of medical fraud if they find anything suspicious. Victims must act as quickly as possible to safeguard their data; no one can stop a criminal from misusing it, but professional assistance can help mitigate the consequences.
