CaptureRx Ransomware Hit Multiple Healthcare Provider Clients


CaptureRx, a world-leading San Antonio-based Healthcare technology organization has recently witnessed a ransomware attack wherein hackers accessed the protected health credentials of its customers and patients. 

The health organization provides its facilities to around 500 hospitals and health centers in over 45 states via an independent pharmacy network with other independent, local, and national pharmacies – the company is a TX-based 340B solution provider. 

The cybersecurity unit had discovered an attack on February 19 earlier this year, with the confirmation that an unauthorized cyber group got access into the health care facility and had stolen files of around 24,000 individuals that contain sensitive credentials of the patients including their first and last names, dates of birth, prescription information, and medical record numbers. 

Once the attack was detected, the firm began to review all those files, which was finished on March 19, 2021. In the wake of the incident, while taking measures, the firm informed all affected healthcare provider clients between March 30 and April 7, 2021. 

Cautioned by the attack, the firm has revised its policies and procedures of the systems while giving additional training to the workforce in order to reduce future possibilities of such attacks. 

However, at the moment, the organization has not provided any further technical details on the breach such as how many of its healthcare provider clients were affected. Nevertheless, HIPAA journal has reported a shortlist of victims including: 

• Thrifty Drug Stores (Thrifty White) – Currently unknown number of patients. 
• The Mohawk Valley Health System affiliate, Faxton St. Luke’s Healthcare in New York – 17,655 patients. 
• Randolph, VT-based Gifford Health Care – 6,777 patients. 

Furthermore, CaptureRx reported: The investigation that took place has uncovered that no evidence shows any actual or attempted misuse of stolen data. However, affected individuals are suggested to monitor their bank accounts against any fraudulent activity.