Azura Vascular Care, a national network of health and wellness centers specializing in minimally invasive procedures, has confirmed a cyber attack resulting in the exposure of 348k patient records. Discovered at the end of 2023, the threat actor accessed Azura’s network environment, encrypting files. While the official statement does not disclose the attack’s origin or potential ransom demands, signs point to a ransom or malware infection, awaiting further public disclosure.
The compromised data includes a range of sensitive information such as names, addresses, dates of birth, Social Security Numbers, medical records, and more. Azura discovered the attack in late September 2023, confirming its impact a month later. The breach notification process is ongoing, with authorities notified around January 13th, 2024. The stolen information poses significant risks, especially for victims with duplicate account information, as cybercriminals could exploit credentials for further unauthorized access.
Azura urges affected parties to take immediate action, even before receiving impact notices, by considering account monitoring services, requesting itemized statements from healthcare providers, and being vigilant for signs of medical fraud. While professional assistance can’t prevent criminal misuse, it can help mitigate potential consequences for those affected.
