National Vascular Care Provider Confirms Cyber Attack; 348k Exposures

  • By Steven
  • Published: Feb 15, 2024
  • Last Updated: Feb 16, 2024

Cyber attack

Azura Vascular Care operates a national network of health and wellness centers. They specialize in minimally invasive procedures and strive to treat vascular conditions in comfortable, out-patient settings. They offer healthcare in 25 states with multiple facilities and specialized teams. At the end of last year (2023), Azura discovered a threat actor within their network environment; officials removed the threat, but not before the criminals obtained 348k patient records.

How Did the Attack Occur? 

Everything the public knows about the event comes from Azura’s website statement, except for the reported impact figure, which comes from the Department of Health and Human Services. According to Azura, an unauthorized actor accessed their network environment and began encrypting files. The statement does not indicate how the assailants made the attack possible or if there were ransom demands for the safe recovery of the accessed data. At this time, signs point to a ransom or malware infection, but we can only speculate until more is made public. 

What Information Was Viewed or Stolen? 

The cybercriminals impacted various data elements in this event, but some victims have unique exposures (explained within their impact notice). Consequently, some victims may find their compromised data includes names, mailing addresses, dates of birth, demographic and contact information, Social Security Numbers, insurance policies and guarantor details, diagnosis and treatment details, and medical or billing records. Some victims may have also had their appointment information and specific medical histories exposed in the incident. The data compromised in this event is susceptible and can be misused if it falls into a bad actor’s hands; victims must immediately take up safeguards. 

How Did Azura Vascular Care Admit to the Breach? 

Azura’s statement suggests that the attack began around September 27th, 2023, or at least when encryptions began to appear within their network. It is unclear when or how officials discovered the breach, but around a month later, they confirmed that the incident impacted some information in the systems. A week later, they confirmed the data included that of patients and other individuals with information stored in the encrypted files. Officials notified the Department of Health and Human Services around January 13th, 2024, which may indicate that Azura is working to send impact notices to victims.

What Will Become of the Stolen Information? 

The data stolen in this event is primarily identity and medical information belonging mainly to patients of Azura’s services. The stolen details are sensitive, which may cause issues for victims in the future if criminals misuse them. Those with duplicate account information (where a username and password get used for multiple accounts) are in particular danger because the assailants could use the information to breach other systems with the same credentials. Moreover, at any time, the criminals could misuse the data for identity or medical fraudimpersonation, or extortion. 

What Should Affected Parties Do in the Aftermath of the Breach? 

Azura’s statement suggests that officials are sending notices to impacted parties—which may also mean their investigations are ongoing. Victims will likely receive their impact notice in the upcoming weeks, but they don’t need to wait for it to start safeguarding their data. They should consider account monitoring services for profiles they cannot oversee consistently, and patients must request itemized statements from their providers. It may be a sign of medical fraud if they find anything suspicious. Victims must act as quickly as possible to safeguard their data; no one can stop a criminal from misusing it, but professional assistance can help mitigate the consequences.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

What is a Time-based One-time Password (TOTP)?

What is a Time-based One-time Password (TOTP)?

Authentication is the process that verifies the user's identity to control access to resources, prevent unauthorized users from gaining access to the system, and record user activities (to hold them accountable for their activities).

Corporate Fraud: Detection, Prevention, and the Role of Corporate Fraud Attorneys

Corporate Fraud: Detection, Prevention, and the Role of Corporate Fraud Attorneys

The growing scale of organizations and the more opportunities to push the boundaries have led to an upsurge in corporate fraud in recent years.

Is Upwork Legit and How To Protect Yourself?

Is Upwork Legit and How To Protect Yourself?

Doing business online has become simpler with the development of the Internet and mobile technologies. In general, both freelancers and clients benefit from the freelancing platforms.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close