Brightline, a pediatric mental health provider, notified its patients of a data breach incident within its systems. The incident could allegedly impact nearly 800,000 individuals.
According to reports, a ransomware group has stolen the entity’s data by exploiting a zero-day flaw in its Fortra GoAnywhere MFT secure file-sharing platform.
Brightline is a health provider that focuses on supporting mental and behavioural health.
Reports stated that the affected entity, Brightline, offers virtual counselling for children and teenagers to support mental health. However, the company confirmed that it suffered data loss when threat actors targeted its GoAnywhere MFT service, which stored protected health information.
The Cl0p ransomware group allegedly executed the attack after abusing CVE-2023-0669, which they also exploited to steal from 130 companies. The Cl0p ransomware operators have included Brightline on their extortion portal. This detail implies that the health-providing company was among the organisations that suffered from the large-scale attack the Cl0p ransomware group executed.
The company’s initial investigation showed that the Cl0p ransomware group has successfully stolen troves of data, including names, addresses, dates of birth, member identification numbers, date of health plan coverage, and employer names.
In addition, the notification indicates that Aetna member IDs were not compromised in the data breach.
Unfortunately, because Brightline partners with US healthcare institutions and firms, the breach has impacted other entities. Hence, different well-known organisations and academic institutions could suffer from the effect of the recent breach. The Brightline notification has also listed the affected companies.
According to a recent tally on the breach portal of the US Department of Health and Human Services (USDHHS), the incident has impacted about 783,000 people. However, this number might significantly increase since it only came from the initial investigation. Therefore, new developments regarding the attack could result in more affected individuals.
Further, Brightline has only submitted eight entries on the government portal despite the long list of impacted organisations that could also be affected by the incident. The company has offered all impacted individuals two years of identity theft and credit monitoring services.