Massachusetts-based mid-size nonprofit acute hospital Anna Jaques Hospital had sensitive information from 316,342 patients compromised in an attack last Christmas, which was later claimed by the Money Message ransomware operation, BleepingComputer reports.
Investigation into the incident, which was only finalized earlier last month, revealed that Money Message was able to exfiltrate individuals' demographic details, medical and health insurance information, financial data, Social Security and driver's license numbers, and other personal and health details, said Anna Jaques in a breach notification that has been filed with the Office of the Maine Attorney General. Despite the compromise, there has been no evidence suggesting any misuse of the stolen data, said the hospital in an announcement on its website. "[O]ut of an abundance of caution, commencing on December 5, 2024, Anna Jaques notified individuals whose information may have been impacted as a result of the incident to the extent Anna Jaques had their address. Additionally, Anna Jaques reminds its employees and patients to remain vigilant in reviewing financial account statements on a regular basis for any fraudulent activity," Anna Jaques added.