By HFT Staff

Two ransomware groups – BianLian and RansomHouse – added Albany ENT & Allergy Services (AENT) to their data leak sites, along with claims that 1 terabyte of data was stolen from its network before files were encrypted. Evidence of data theft was published on the RansomHouse data leak site. 

Albany ENT & Allergy Services has now confirmed in a notification to the Maine Attorney General that unauthorized individuals gained access to its network, which contained the protected health information of 224,486 individuals, including 61 Maine residents. AENT explained in the letters that suspicious activity was detected within its computer network on March 27, 2023, and a third-party forensic investigation was conducted to determine the nature and scope of the incident. AENT said it was able to determine that “an unauthorized actor may have had access to certain systems that stored personal and protected health information,” between March 23, 2023, and April 4, 2023. A review of those files confirmed they contained employee and patient information such as names and Social Security numbers. 

Notifications started to be sent to affected individuals on March 25, 2023, and 12 months of complimentary credit monitoring services have been offered. Since it appears from the claims of the ransomware groups that data has been stolen, affected individuals should ensure they take advantage of those complimentary services. AENT said it is reviewing its policies and procedures, will provide additional training to employees, and will be implementing additional safeguards to further secure information in its systems.