Data Breach At Health Care Provider, and More Than 100 Other Companies

February 22, 2023

New Ransomware Gang Hits Sony

Tennessee-based Community Health Systems, a huge healthcare provider with more that 70 hospitals in 16 states, has confirmed that hackers have stolen the personal and protected health information of as many as one million patients. According to its filing with regulators, the data breach occurred due to its use of a file-transfer software called GoAnywhere MFT, developed by Fortra, and previously known as HelpSystems. It is commonly used by big businesses to share and send large sets of data securely. Community Health Systems said the developer recently notified it of the incident that resulted in the unauthorized disclosure of patient data. A Russian ransomware gang has claimed responsibility, and says it is using new zero-day technology in a hacking campaign that has already breached more than one hundred organizations (none except Community Health have come forward as of Feb. 15). The zero-day vulnerability in Fortra’s GoAnywhere software was revealed by a security journalist on February 2. Fortra had issued a security advisory a day earlier, but it was not accessible from its public website. Users had to create a Fortra account in order to access it, a move that has been criticized by cybersecurity experts.

Critical intelligence for general counsel

Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top