US Fertility, one of the largest networks for fertility clinics in the country, said hackers gained patient information — including names, addresses and Social Security numbers — through a malware attack.
The breach was discovered on Sept. 14 when some of US Fertility’s computer systems were inaccessible, the company said in a statement Wednesday.
A “limited number of files” was obtained sometime between Aug. 12 and Sept. 14, when the ransomware was triggered, an investigation found.
The probe showed that “data on a number of servers and workstations connected to our domain had been encrypted by ransomware.”
The systems were fixed and back up and running on Sept. 20.
Earlier this month, US Fertility learned that information including names, addresses, dates of birth and Social Security numbers were taken in the breach.
“The types of information impacted vary by individual, and we determined that for many individuals, Social Security numbers were not impacted,” the company said. “Please also note that we have no evidence of actual misuse of any individual’s information as a result of the Incident.”
US Fertility was formed in May, serving 55 locations across 10 states. Its clinics and more than 80 physicians completed nearly 25,000 in vitro fertilization cycles in 2018.
