In January, hackers breached GoAnywhere, the file transfer platform of Community’s third-party cybersecurity vendor, Fortra. Community determined that the breached data may have included names, addresses, dates of birth, Social Security numbers, insurance information, medical diagoses and medications, according to the notice on the health system’s website.
Forta has deleted the unauthorized party’s accounts, rebuilt the platform, and created a software patch, Community said. The health system also said it has boosted the security of its use of GoAnywhere.
Community is offering the 962,884 affected individuals, who include patients and a limited number of employees, free identification restoration and credit monitoring services.
Russian ransomware gang Clop has claimed responsibility for the hack.
