Sav-Rx Data Breach Compromised PII And Health Data Of 2.8M People
Company said the threat actor destroyed the acquired data but has not yet confirmed if any ransom payment was made
Mihir Bagwe May 27th, 2024
Share on LinkedInShare on Twitter
Sav-Rx, a medication benefits management service provider, experienced a data breach incident that potentially exposed the personal and health information of more than 2.8 million individuals in the United States.
Sav-Rx, operating under A&A Services, provides medication benefits management services to various health plans, which requires collecting and storing personal data from health plan participants and employees.
The incident was first detected on October 8, last year, when the company identified an unauthorized access to its computer network, a breach notification to the Maine Attorney General said. Sav-Rx engaged third-party cybersecurity experts to contain and investigate the breach.
The affected IT systems were restored the next business day, ensuring no disruption to patient care or prescription services. The investigation revealed that an unauthorized third party accessed non-clinical systems and obtained files containing personal and health information, such as:
- names,
- dates of birth,
- social security numbers,
- email addresses,
- physical addresses,
- phone numbers,
- eligibility data, and
- insurance identification numbers.
Clinical and financial information remained secure.
The breach investigation concluded on April 30, and notifications to impacted individuals were sent out beginning May 24.
Sav-Rx confirmed that the unauthorized party destroyed the acquired data and did not further disseminate it. Whether it paid a ransom in exchange of this is unclear as Sav-Rx did not immediately respond to a comment request from The Cyber Express.
Although additional details about the attackers and their motive remain under wraps, Conti ransomware group had reportedly, at the time, claimed responsibility for the attack and demanded an undisclosed amount for not publishing the leaked data.
To mitigate potential harm, the company offers two years of complimentary credit monitoring and identity theft protection through Equifax. Sav-Rx advises affected individuals to monitor their credit reports and account statements for signs of fraud or identity theft. Affected individuals can contact Sav-Rx’s call center at 888-326-0815 for further assistance and information regarding credit monitoring services.
Sav-Rx implemented enhanced security measures, including 24/7 security operations, multi-factor authentication, BitLocker encryption, new firewalls, and system hardening protocols, to prevent future incidents. The company promptly notified law enforcement authorities after detecting the breach.
For more information about the incident, people can visit the FAQ page on the company’s website.
Call for Class Action Against Sav-Rx Data Breach
Considering the widespread impact where the personal and health information of 2,812,336 individuals was compromised, Abington Cole + Ellery, an Oklahoma-based law firm has initiated a class action lawsuit investigation in the Sav-Rx data breach. ACE requested victims interested in participating as a class representative in this class action against Sav-Rx to submit their details in an online form.
Ransomware Attacks on Healthcare Bleeding Billions from U.S. Economy
A recent study revealed that over the past several years, more than 500 successful ransomware attacks have impacted nearly 10,000 healthcare providers, exposing over 52 million patient records and costing the US economy $77.5 billion in downtime alone.
Another study by Proofpoint and Ponemon found that 68% of respondents reported disrupted patient care due to ransomware attacks, 46% noted increased mortality rates, and 38% saw more complications in medical procedures. Additionally, ransomware attacks were linked to 42 to 67 patient deaths over five years and a 33% monthly increase in deaths among hospitalized Medicare patients.