This may be one of the best transgress notifications I have ever record — for its plain language, clarity, and lack of effort to spin. Not only did these folks respond promptly to an attack, but they had usable backups, stopped the round quickly, and just…. handled this so well, it seems. Maybe they didn’t have all desirable certificate protections in localize prior to the attack, but their response to it has been admirable. Here’s their full notice, below: december 18, 2020 08:30 promethium Eastern criterion time SCOTTSDALE, Ariz.–(BUSINESS WIRE)–GenRx Pharmacy (�GenRx�), which is headquartered in Scottsdale, AZ, is notifying individuals of a data security incident. The incident could potentially impact the security of certain personal and protected health information regarding less than five percent of former GenRx patients. While the pharmacy is not aware of any actual harm to individuals as a outcome of the situation, it is providing potentially affected individuals with info via first class mail regarding steps taken, and what can live done to protect against potential harm. What Happened On september 28, 2020, the pharmacy found evidence of ransomware on its system and immediately began an investigation, including hiring independent information security and technology (�I.T.�) experts to assist with incident response and forensic investigation. During the ransomware attack, the pharmacy had full access to its data with unaffected backups and was able to maintain continuous business operations as they investigated. Together with forensic experts, the pharmacy terminated the cybercriminals� access to the pharmacy�s systems the same day (September 28, 2020) and confirmed that an unauthorized third party deployed the ransomware only 1 day before (September 27, 2020). On november 11, 2020, the pharmacy confirmed that the cybercriminals were able to withdraw a small number of files that included certain health information the pharmacy used to process and ship prescribed products to patients. What information Was Involved The cybercriminals accessed and removed the following health information of certain former GenRx patients: patient ID, transaction id (a number generated to process the prescription, not related to patient financials), first and last name, address, phone number, appointment of birth, gender, allergies, medication list, health plan information (including member ID), and prescription information. The pharmacy does not collect patient Social certificate Numbers (�SSNs�) or maintain financial information, and so there is no way that the cybercriminal could access that info of GenRx patients during this incident. What the pharmacy is Doing In addition to the I.T. surety measures already in place, the pharmacy has upgraded its firewall firmware, added additional anti-virus and web-filtering software, instituted multifactor authentication, increased Wi-Fi network traffic monitoring, provided additional preparation to employees, updated internal policies and procedures, and installed real-time intrusion detection and response software on all workstations and servers that access the company network. The pharmacy is also assessing further options to heighten its protocols and controls, technology, and training, including strengthening encryption. Additionally, the pharmacy is notifying applicable country and federal regulatory authorities as well as the ternion largest nationwide consumer reporting agencies � Equifax, Experian and TransUnion � of the incident. What Affected Individuals can make Although SSNs and financial information were not affected by this incident, the pharmacy recommends that as a general best practice, individuals monitor account statements and free credit reports to detect potentiality errors. Additional Information Affected individuals canful discover more about this matter by calling the number listed in their mailed notification letter. GenRx has a strong commitment to protect personal information and is taking additional steps to heighten data security going forward. GenRx apologizes for any concern this situation has caused to its patients. contact call Center, available at: 877-835-1827 between 9am � 9pm Eastern Time, monday through Friday.
