Russian cyber thieves linked to personal data breach at North Carolina hospitals
A Microsoft-owned health care technology firm revealed Friday that cyber thieves may have stolen personal data at major North Carolina hospitals, as part of a massive international security breach this year.
The Russian ransomware gang Clop claimed responsibility for the May attacks, information technology news site CRN reported.
Clop hacked Microsoft’s Nuance health-care technology subsidiary, along with Sony, Norton and other major tech vendors and IT services firms, CRN and other national and international media outlets reported.
In a news release Friday, Nuance said personal data may have been breached at numerous North Carolina hospitals and other health care providers, including:
Atrium Health, the Charlotte-based health care system giant.
Catawba Valley Medical Center in Hickory.
DLP Central Carolina Medical Center in Sanford.
Greenville-based ECU Health.
Pinehurst-based FirstHealth of the Carolinas.
Asheville-based Mission Health System.
Winston-Salem-based Novant Health.
Novant Health New Hanover Regional Medical Center in Wilmington.
Chapel Hill-based UNC Health.
Raleigh-based Wake Radiology Diagnostic Imaging.
Raleigh-based WakeMed Health & Hospitals.
Company responds to breach
The breach stemmed from a May 28-29 cyber attack on software company Progress, Nuance officials said.
Compromised data included the services people received and their demographic information, according to the Nuance news release.
Nuance was among “thousands of organizations impacted by Progress Software’s vulnerability,” the company said.
Nuance officials said they immediately secured its systems when Progress disclosed the incident on May 31. Nuance also had cyber security experts, including an outside law firm, investigate the incident.
“Patches were installed as soon as they were available,” the Nuance release said.
“Data privacy and security are among Nuance’s highest priorities,” officials said in Friday’s statement. “The company has extensive measures in place to protect information entrusted to us.”
Nuance also added new information security tools and procedures while urging people to “remain vigilant against incidents of identity theft and fraud.”
What you should do
People should review account statements and monitor their free credit reports for suspicious activity, officials urged.
Those reports are available at www.annualcreditreport.com and by calling 877-322-8228.
People also can call Nuance on a special toll-free line, 888-988-0380, 9 a.m.-9 p.m. weekdays.