DataHEALTH, Inc. Has Started Notifying People About a Cybersecurity Incident.

DataHEALTH's investigation determined that the ransomware incident did not impact any customers who received cloud backup services.

Fremont, CA: COVID-19 advanced digital business, but it also accelerated the trend of many digital assets — and people — increasingly placed outside traditional company infrastructure. In addition, cybersecurity professionals got tasked with securing a slew of new technologies and digital transformations. It necessitates security alternatives that are flexible, agile, scalable, and composable, allowing the company to move forward while being safe.

DataHEALTH, Inc., a cloud hosting, cloud backup, data storage, and recovery service provider for the health care industry that serves health care providers across the country, announced today that it was the victim of a criminal ransomware attack on some of its servers containing health care providers' data. This alert is being distributed on behalf of the affected health care providers by DataHEALTH.

When DataHEALTH learned of the event on November 3, 2021, it promptly took steps to control the issue, initiated an investigation, and hired third-party cybersecurity forensic specialists. DataHEALTH also alerted federal authorities. DataHEALTH was the victim of a criminal ransomware assault on its cloud hosting services, according to the inquiry. Customers that use DataHEALTH cloud backup were not affected.

As a consequence of the inquiry, DataHEALTH discovered that an unauthorized entity gained access to and obtained files containing patient information from a specific number of DataHEALTH's servers. The threat actor appears to have gotten access by compromising third-party software credentials used by several DataHEALTH health care provider clients. Currently, DataHEALTH has discovered no indication that any DataHEALTH-specific accounts or credentials got hacked, nor that any of DataHEALTH's encrypted databases got accessed.

While the investigation is still ongoing, due to the nature of the attack and the information involved, DataHEALTH has not ruled out potential access to certain health care providers' patient information if it was not in DataHEALTH's encrypted databases. DataHEALTH's investigation determined that the ransomware incident did not impact any customers who received cloud backup services. Only some health care providers who use DataHEALTH hosting services got affected, either directly or indirectly.