According to Wolverine’s notice, the vendor fell victim to a ransomware attack which encrypted many of its records, rendering those files inaccessible.
Easily recover your files that are lost if you fall victim to a malware attack with SkyFlok.
In case of a ransomware attack, SkyFlok has a backup plan for its customers. We keep all previous versions of your files and damage to the latest version due to a ransomware attack in your premises does not compromise the past versions.
Subscribe to SkyFlok and keep your and your client’s data safe!
An investigation was launched, and forensics experts began the process of decrypting and restoring the files on October 3.
The compromised data included patient names, addresses, dates of birth, Social Security numbers, insurance contact details and numbers, medical data, and phone numbers. The investigation could not rule out data exfiltration.
According to HAP’s notice, the breach could have included member identification numbers, provider names, patient identification numbers, and claims data. It appears HAP members’ Social Security numbers and credit card details were not breached by Wolverine’s cyberattack.
While HAP was notified of the event on November 28, the extent of the breach was not known until early February, a spokesperson told local news outlet Detroit Free Press.
The majority of Wolverine’s critical programs were restored by October 25 and critical operations were operational by November 5. However, officials said from November through early February they were still attempting to determine the type of data infected by the malware, the impacted clients, and the specific patients involved.
“The timing of our notices to impacted individuals has been based on these ‘rolling’ discovery dates,” officials said in a statement. “The first notices were mailed on December 28, 2018. Additional notices have been mailed in February and further notices will be mailed in March.”
Wolverine handles the mailing services for HAP and other health-related business clients. The vendor already notified Blue Cross Blue Shield of Michigan on November 8 that the data of an unspecified number of their policyholders was compromised during the ransomware attack.
About 8,000 Three Rivers Health patients may also have been impacted by the ransomware attack. As Wolverine provides services for 700 companies and about 1.2 million individuals across the country, the security incident could impact an even greater number of patients.