Enzo Biochem, a biotechnology firm famend for producing and distributing DNA-based assessments designed to determine viral and bacterial illnesses, has not too long ago confirmed in a submitting with the Securities and Trade Fee (SEC) that it fell sufferer to a ransomware assault.
The malicious cyber assault has uncovered the confidential data of two.47 million sufferers, together with names, take a look at data and 600,000 Social Safety numbers.
“As soon as once more, we see the healthcare business hit by one other ransomware assault,” commented Darren James, senior product supervisor at Specops Software program. “Thus far, we solely know that affected person knowledge was compromised; there may be nonetheless a query mark round misplaced worker knowledge and particulars of how the attackers accessed the community.”
Learn extra on assaults focusing on healthcare: Phishing High Menace to US Healthcare
Enzo Biochem mentioned that in response to the assault, it carried out containment measures based on its catastrophe restoration plan, together with disconnecting the affected programs from the web. The corporate additionally launched an investigation with the help of third-party cybersecurity consultants and promptly notified legislation enforcement authorities.
Enzo Biochem mentioned its operations had been maintained regardless of the assault, and its services stay open, enabling the continued provision of providers to sufferers and companions.
On the identical time, the corporate confirmed the ransomware assault has resulted in vital bills, together with prices associated to incident response, remediation and investigation.
“Biotechnology corporations, comparable to Enzo, are a important element of the combat towards most cancers and different viral and bacterial illnesses,” defined Sean McNee, vp of analysis and knowledge at DomainTools.
“As a result of this knowledge is extraordinarily delicate, together with individuals’s well being data and SSNs, affected people will have to be vigilant in monitoring for attainable on-line id theft from this ransomware incident. Folks ought to verify their credit score reviews for suspicious entries and likewise place freezes and fraud alerts on their accounts.”
The agency mentioned it found the breach on April 11 2023, whereas the SEC Type 8-Okay was signed on behalf of Enzo Biochem by Hamid Erfanian, its chief govt officer, on Could 30 2023.
Simply weeks earlier than the Enzo Biochem incident, NextGen Healthcare, a supplier of digital well being file software program, disclosed that its programs had been compromised by hackers who efficiently obtained the private data of over a million sufferers.
