BayMark Health Services Data Breach from Ransomware Attack

2025-01-13

Learn about the importance of robust cybersecurity measures in the healthcare industry to prevent data breaches and ransomware attacks.

BayMark Health Services, a major addiction treatment provider in the US, experienced a ransomware attack that led to a data breach, compromising personal information of patients, including names, birthdates, and sensitive identification and treatment details. The breach affected their IT systems from late September to mid-October. BayMark has begun notifying affected patients and is offering free identity protection and credit monitoring services. The Ransomhub ransomware group claims to have stolen 1.5 terabytes of data, which they have made publicly available. The exact number of individuals impacted remains undisclosed.

Key Facts

Risks:

Sensitive Data, Malware

Keywords:

BayMark Health Services, Ransomware, Data Breach, Patient Data, Identity Protection

CVE:

N/A

Affected:

BayMark Health Services

Article Body

Ransomware Attack Leads to Data Breach at BayMark Health Services

BayMark Health Services, a leading provider of addiction treatment services in the United States, has confirmed a data breach resulting from a ransomware attack. The company, based in Texas, operates around 200 facilities and over 380 programs across 35 states, serving more than 70,000 patients daily.

Notification of the Breach

BayMark has begun notifying patients that their personal information was compromised in the incident. The breach notices were submitted to Attorney General’s Offices in several states, including California and Vermont. On January 8, 2025, BayMark started sending notification letters to affected patients, detailing the breach of their personal data related to the services received from the company's facilities.

Details of the Breach

The security incident, which disrupted some of BayMark's IT systems, allowed attackers to access certain files between September 24 and October 14. These files contained sensitive patient information, including:

Names
Dates of birth
Driver’s license numbers
Social Security numbers
Insurance details
Diagnosis and treatment information

Response and Mitigation

In response to the breach, BayMark is providing impacted individuals with one year of free identity protection and credit monitoring services. The company advises patients to remain vigilant and monitor their statements for any suspicious activity.

Ransomware Group Involvement

Although BayMark has not disclosed specific details about the attack, the Ransomhub ransomware group has taken responsibility, adding BayMark to its Tor-based leak site. The group claims to have stolen approximately 1.5 terabytes of data from BayMark's systems and has made this data publicly available.

SecurityWeek has reached out to BayMark for further information regarding the incident and the number of individuals affected, awaiting their response for more details.

https://www.securityweek.com/major-addiction-treatment-firm-baymark-confirms-ransomware-attack-caused-data-breach/