New York based fertility clinic, Extend Fertility, has confirmed that they suffered a ransomware attack back in December 2021. Third-party cyber forensic analysts were hired to investigate the attack. So far, investigations have revealed that the threat actors behind the attack accessed servers that contained patient information. Some if this information includes first and last name, gender, home address, phone number, email address, and date of birth, medical history, diagnosis and treatment information, dates of service, lab test results, prescription information, provider name, medical account number and financial information. The group or individual behind the attack has not yet been discovered, but analysis is still being conducted. The total number of affected individuals has not been confirmed, however, some individuals have started to receive notifications stating that their information was involved in the incident.
Free credit and identity monitoring has been offered to those impacted by the event. Throughout the investigation process, no evidence of misuse or redistribution of the information has been found, but that could change in the future. If any suspicious activity is noticed by affected parties, they should contact Extend Fertility and any other necessary outlets to report their findings.