The biggest addiction treatment provider in the US says it was hit by data breach

(Image credit: Avast)

BayMark Health Services confirmed suffering a cyberattack in September 2024
Crooks stole Social Security numbers, driver's license numbers, and more
The company did not say how many people were affected

BayMark Health Services, a US healthcare provider which helps people treat and recover from drug abuse and mental health problems, has confirmed suffering a cyberattack and losing sensitive patient data.

In a filing with the Attorney General of California, which includes a letter sent to affected individuals, BayMark said that the attack happened in September 2024, but did not state how many people lost their data:

“On October 11, 2024, we learned of an incident that disrupted the operations of some of our IT systems. We immediately took steps to secure our systems, launched an investigation with the assistance of third-party forensic experts, and notified law enforcement,” the breach notification letter says. "Our investigation determined that an unauthorized party accessed some of the files on BayMark’s systems between September 24, 2024 and October 14, 2024. We then initiated a review and analysis of those files.”

RansomHub

The subsequent investigation, which concluded in early November, determined that the threat actors took people’s Social Security numbers (SSN), driver’s license numbers, dates of birth, the types of services received, the dates of the service, insurance information, treating providers, and treatment/diagnostic data. More than enough for phishing, identity theft, and other forms of cybercrime.

To mitigate the incident, BayMark is offering a year’s worth of Equifax identity monitoring services for free to affected patients.

While the company did not discuss who the attackers were, BleepingComputer uncovered that the RansomHub ransomware gang took responsibility and added BayMark to its data leak site. There, the miscreants said they stole 1.5TB of sensitive data, which they uploaded to the leak site, as well. This would mean that BayMark most likely did not pay the ransom demand.

RansomHub is a relatively young ransomware operation which emerged after the infamous ALPHV group stole $22 million from ChangeHealthcare and disappeared.

Via BleepingComputer

Thousands of SonicWall VPN devices are facing worrying security threats
Here's a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.