Data breach at Medical Review Institute of America exposes 134,000 individuals’ personal information

Data breach at Medical Review Institute of America exposes 134,000 individuals’ personal information

https://www.securityweek.com/mrioa-discloses-data-breach-affecting-134000-people

Exploit: Ransomware

Medical Review Institute of America (MRIoA): Medical Analytics

3964497747

Risk to Business: 1.227 = Severe Utah-based medical information and analysis company Medical Review Institute of America (MRIoA) announced that it has experienced a data breach. The incident was discovered on November 9, 2021, and officials were able to confirm that data had been stolen by November 16, 2021. In a data breach filing, the company said that over 134,000 individuals were impacted by the incident which is still under investigation. The company did say that it “retrieved and subsequently confirmed the deletion of” stolen data, but no information was released about a ransom amount or if they paid the ransom.

img2-Three-Affiliated-Tribes-servers

Risk to Business: 1.801 = Severe Protected health information was snatched including patients’ names, gender, physical and email addresses, phone numbers, birth dates, Social Security numbers, full clinical information (including diagnosis, treatment, medical history, and lab test results) and financial information (such as health insurance policy and group plan number).

Customers Impacted: Unknown
How It Could Affect Your Customers’ Business : Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.