A vendor data breach caused by a ransomware attack may have exposed the data of over 950,000 health insurance customers. The breach occurred at Young Consulting, an Atlanta-based software company that develops integrated software solutions for underwriting, marketing and managing health stop-loss insurance.
According to a breach notice filed with the Maine Attorney General’s Office, Young Consulting experienced technical issues within its computer environment on April 13, 2024. Further investigation determined that between April 10 and April 13, an unauthorized individual accessed Young Consulting’s network and downloaded copies of certain files.
The information involved in the breach varies by individual but includes names, dates of birth, Social Security numbers, and policy and claims information, among other data. Blue Shield of California also notified patients about the Young Consulting breach and directed affected patients to review the Young Consulting breach notice for more information.
The BlackSuit ransomware group claimed responsibility for the ransomware attack that caused the data breach. The HHS Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note on BlackSuit in November 2023, warning readers that the group “will likely become a credible threat” to the healthcare sector.
The Cybersecurity and Infrastructure Security Agency (CISA) has warned defenders that BlackSuit is a rebranding of Royal, a variant that was also used against the healthcare sector in 2022 and 2023. CISA’s August 2024 updated alert on BlackSuit noted that BlackSuit shares many coding similarities with Royal and has improved capabilities.
CISA recommended that defenders prioritize remediation of known vulnerabilities, enable multi-factor authentication, and train users to recognize and report phishing attacks.
Young Consulting said it took immediate steps to secure its environment after discovering the incident and encouraged affected individuals to use its free credit monitoring and identity theft recovery services.
Jill McKeon has been covering healthcare cybersecurity and privacy news since 2021.