To protect against an incident like this from reoccurring, Fortra informed us that it has deleted the unauthorized party’s accounts, rebuilt the secure file transfer platform with system limitations and restrictions, and produced a patch for the software. The personal information may have included full name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and social security number.īoth CHSPSC and Fortra have been in contact with law enforcement, including the Federal Bureau of Investigation (“FBI”) and the Cybersecurity and Infrastructure Security Agency (“CISA”), and are supporting law enforcement’s investigation. CHSPSC has determined at this point in its investigation that CHSPSC Affiliate personal information relating to patients, a limited number of employees, and other individuals may have been disclosed to the unauthorized party as a result of the Fortra incident. According to Fortra, the unauthorized party used a previously unknown vulnerability to gain access to Fortra’s systems, specifically Fortra’s GoAnywhere file transfer service platform, compromising sets of files throughout Fortra’s platform.ĬHSPSC received this information from Fortra on February 2, 2023, and immediately began its own investigation of potential impact of the Fortra incident on CHSPSC Affiliate personal information. Please also refer to the FAQs below for additional information about locations and other questions.įortra informed us it became aware of the incident the evening of Januand took impacted systems offline on January 31, 2023, stopping the unauthorized party’s ability access the system. For a list of hospitals that are CHSPSC Affiliates and links to their websites to help you determine if you may be affected, please visit please visit. You may be affected if you received services at one of the CHSPSC Affiliates, are a family member or guarantor with respect to a patient, or are a current or former employee of CHSPSC Affiliates. CHSPSC is a professional services company that provides services to hospitals and clinics affiliated with Community Health Systems, Inc. Fortra is a cybersecurity firm that contracts with CHSPSC, LLC (“CHSPSC”) to provide a secure file transfer software called GoAnywhere. This notice provides information regarding a security incident experienced by Fortra, LLC (“Fortra”), which Fortra reported occurred between Januand Januthat resulted in the unauthorized disclosure of personal information. Notice of Third-Party Security Incident Impacting CHSPSC Affiliate Data
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |