Top medical billing firm says data breach hit 360,000 users

News
By
published

Plenty of sensitive data stolen in Medusind 2023 breach

Data breach
(Image credit: Shutterstock)
  • Medusind begins notifying victims about a December 2023 data breach
  • Incident resulted in 360,000 people losing payment and personal data
  • The company is offering two years free identity theft monitoring

Medusind, a major medical billing firm, has confirmed suffering a cyberattack in which hundreds of thousands of people lost sensitive data, including payment information.

In a data breach notification letter, the company said the incident happened on December 29, 2023, and was spotted the same day. Since Medusind is a healthcare revenue cycle management company, it provides billing support to healthcare organizations, and it is patients from these healthcare firms who’ve had their data grabbed in this attack.

A detailed investigation into the attack uncovered that the threat actors stole health insurance and billing information (insurance policy numbers, or claims/benefits information), payment information (debit/credit card numbers, bank account information), health data (medical history, medical record number, prescription information), government ID information (Social Security numbers, taxpayer IDs, driver’s licenses, passport numbers), and other personal information (email addresses, phone numbers, birth dates, and more) - all of which could put victims at risk of identity theft or worse.

Hundreds of thousands of victims

In a separate filing with the Maine Office of the Attorney General, Medusind confirmed that exactly 360,934 people have been affected.

“The particular type of information involved depends on the individual,” it stressed in the letter.

There is currently no evidence of the data being abused in the wild, and Medusind is offering two years of free identity theft monitoring through Kroll. It also urged the victims to monitor their account statements for unexpected or strange entries which might signal identity theft, or fraud attempts, and to report them to the authorities.

Due to the sensitivity of the data they operate, and the high cost of recovery, healthcare organizations are among the most targeted ones for ransomware actors. In fact, recent analysis from Sophos found that the average cost to recover from a ransomware attack was $2.57 million in 2024, up from $2.2 million the previous year.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Lock on Laptop Screen
United Healthcare data breach may have affected 190 million Americans
healthcare
Top US health provider tells 882,000 patients they were hit in August 2023 breach
healthcare
Almost a million ConnectOnCall users may have had data stolen by hackers
ransomware avast
The biggest addiction treatment provider in the US says it was hit by data breach
A person's fingers type at a keyboard, with a digital security screen with a lock on it overlaid.
Blood donation firm reveals donor personal data stolen in cyberattack
healthcare
Over a million clinical records exposed in data breach
Latest in Security
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
Representational image of a cybercriminal
Criminals are spreading malware disguised as DeepSeek AI
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
Latest in News
A close up of Captain America with Thor and Hulk in the background during the Assemble scene in Avengers: Endgame
'We will draw inspiration': Joe and Anthony Russo reveal which of Marvel's Secret Wars comic book series have influenced Avengers 5 and 6's plot
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
Want to buy an RX 9070 or 9070 XT but fed up of the GPUs being out of stock? AMD promises that “more supply is coming ASAP”
Cece Carroway (Sara Silva), Caroline Merteuil (Sarah Catherine Hook), and Lucien Belmont (Zac Burgess) in Cruel Intentions.
Prime Video cancels Cruel Intentions after one season and I'm not surprised by its cruel fate
iOS 18 Control Center
iOS 19: the 3 biggest rumors so far, and what I want to see
Doom: The Dark Ages
Doom: The Dark Ages' director confirms DLC is in the works and says the game won't end the way 2016's Doom begins: 'If we took it all the way to that point, then that would mean that we couldn't tell any more medieval stories'
More about security
Representational image of a cybercriminal

Allstate sued for exposing personal customer information in plaintext
Scam alert

A new SMS energy scam is using Elon Musk’s face to steal your money
Cece Carroway (Sara Silva), Caroline Merteuil (Sarah Catherine Hook), and Lucien Belmont (Zac Burgess) in Cruel Intentions.

Prime Video cancels Cruel Intentions after one season and I'm not surprised by its cruel fate
See more latest
Most Popular
Cece Carroway (Sara Silva), Caroline Merteuil (Sarah Catherine Hook), and Lucien Belmont (Zac Burgess) in Cruel Intentions.
Prime Video cancels Cruel Intentions after one season and I'm not surprised by its cruel fate
A close up of Captain America with Thor and Hulk in the background during the Assemble scene in Avengers: Endgame
'We will draw inspiration': Joe and Anthony Russo reveal which of Marvel's Secret Wars comic book series have influenced Avengers 5 and 6's plot
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Wednesday, March 12 (game #374)
Quordle on a smartphone held in a hand
Quordle hints and answers for Wednesday, March 12 (game #1143)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Wednesday, March 12 (game #640)
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
Want to buy an RX 9070 or 9070 XT but fed up of the GPUs being out of stock? AMD promises that “more supply is coming ASAP”
Cowabunga, dude!
Teenage Mutant Ninja Turtles: Shredder’s Revenge, a nostalgic beat-em-up with beautiful pixel graphics, is finally coming to mobile next month
Empirical Health biomarkers
This new health protocol combines 40 smartwatch biomarkers and blood tests to give you a health score
LG C5 OLED T V with forest road and car on screen
LG reveals US pricing for the LG G5 and LG C5 OLED TVs, and it's great news for OLED fans