3rd Party Risk Management , Governance & Risk Management , Healthcare

Another Healthcare Vendor Reports Big Forta GoAnywhere Hack

Debt Collection Software Firm Intellihartx Says Nearly 490,000 Affected by Breach
Another Healthcare Vendor Reports Big Forta GoAnywhere Hack
Image: Intellihartx

A company that makes patient debt collection software is the latest healthcare sector entity to report a hacking breach related to a flaw in Fortra's GoAnywhere secure file transfer software. To date, the GoAnywhere vulnerability has affected the protected health information of about 4.4 million individuals.

See Also: Securing Healthcare: Minimizing Risk in an Ever-Changing Threat Landscape

Revenue cycle software vendor Intellihartx, also known as ITx, joined a growing list of companies to report to regulators a Fortra-related breach - this one affecting nearly 490,000 individuals.

Tennessee-based ITx, in a breach report filed on June 8 to Maine's attorney general, said it discovered on Feb. 8 that Fortra had been subject to a security incident potentially affecting ITx's clients' patient information.

ITx said that on May 10 it completed its review of all relevant logs provided by Fortra and determined the scope of affected information. "ITx then undertook a comprehensive review of the data to determine what information was affected and to whom that information related. This review was completed on May 19," the breach report says.

Information compromised in ITx's Fortra incident includes patients' names, addresses, medical billing and insurance information, medical information such as diagnoses and medication, and demographic information such as birthdate and Social Security number, the company said.

ITx, which is offering affected individuals one year of complimentary credit and identity monitoring, said it is unaware of misuse of information affected by its Fortra incident.

ITx did not immediately respond to Information Security Media Group's request for additional details, including the number of its healthcare sector clients affected by the incident.

Other Victims

The breach report by ITx is the latest among a long and growing list of reports filed in recent months by other healthcare sector entities affected by hacks on Fortra's GoAnywhere managed file transfer solution, which allows organizations to automate the exchange of data with their trading partners.

Among the other healthcare sector organizations affected by Fortra incidents are health insurers Blue Shield of California, Aetna and Santa Clara Family Health Plan; virtual therapy provider Brightline; healthcare delivery organization Community Health System; and benefits administrator NationsBenefits (see: Health Plan, Mental Health Provider Hit by GoAnywhere Flaw).

The Fortra-related breaches reported by those companies have affected about 4.4 million individuals.

Proposed class action lawsuits involving the GoAnywhere hacking incidents are also piling up in federal courts against many of those companies and others - including Fortra (see: Federal Lawsuits In Fortra Health Data Breach Piling Up).

In February, ransomware group Clop claimed to have exploited the GoAnywhere vulnerability to breach networks used by 130 different organizations. By March, the cybercrime gang had taken responsibility for over 50 hacks tied to the exploit (see: Clop GoAnywhere Attacks Have Now Hit 130 Organizations).

Healthcare is not the only sector feeling pain from the Fortra hacks. Other organizations hit by such incidents include British multinational conglomerate Virgin's rewards club, Virgin Red; the city of Toronto; Rio Tinto; Rubrik; Axis Bank; Hitachi Energy; Saks Fifth Avenue; Procter & Gamble; the U.K.'s Pension Protection Fund; Pluralsight; Munich Re Group and many others (see: Fortra Hacker Installed Tools on Victim Machines).

Fortra is not the only file transfer software vendor to be stung by recent major hacks linked to exploited software vulnerabilities. Progress Software's MOVEit managed file transfer application also has been the subject of recent hacks by Clop exploiting vulnerabilities in that product (see: MOVEit Discloses More Vulnerabilities, Issues Patch).

In late 2020 and early 2021, Clop also used similar tactics to attack more than 100 organizations with Accellion's legacy File Transfer Appliance, using a combination of zero-day vulnerabilities and a new web shell (see: Accellion Agrees to $8.1 Million Breach Settlement).

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.