The IT Nerd

In a recent filing with the SEC, Enzo Biochem has confirmed that a ransomware attack exposed the clinical test information of almost 2.5 million patients. 

The DNA-based test manufacturer stated that on April 6th it experienced a ransomware attack where hackers were able to access and exfiltrate sensitive data from the company’s systems including clinical test data of 2,470,000 individuals and approximately 600,000 SSNs:

As previously disclosed, on April 6, 2023, Enzo Biochem, Inc. (the “Company”) experienced a ransomware attack that impacted certain information technology systems. In response, the Company promptly deployed containment measures, including disconnecting its systems from the internet, launched an investigation with assistance from third-party cybersecurity experts, and notified law enforcement. The Company adhered to its disaster recovery plan, which enabled it to maintain operations throughout the incident response process. The Company’s facilities are open, and it continues to provide services to its patients and partners. 

On April 11, 2023, the Company became aware that certain data, including names, test information, and Social Security numbers, was accessed, and in some instances, exfiltrated from the Company’s information technology systems as part of this incident. The investigation of this incident and the assessment of its impact is ongoing. However, the Company identified unauthorized access to or acquisition of clinical test information of approximately 2,470,000 individuals. The Social Security numbers of approximately 600,000 of these individuals may also have been involved. The Company is evaluating whether its employees’ information may have been involved. The Company will provide notice to the individuals whose information may have been involved, as well as to regulatory authorities, in accordance with applicable law. 

The Company has incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter. Further, the Company remains subject to risks and uncertainties as a result of the incident, including as a result of the data that was accessed or exfiltrated from the Company’s network as noted above. Additionally, security and privacy incidents have led to, and may continue to lead to, additional regulatory scrutiny. The Company is in the process of evaluating the full scope of the costs and related impacts of this incident.

Enzo is the latest with the medical community compromised in recent months. In May, PharMerica and MCNA Dental confirmed data breaches that together compromised the data of more than 15 million individuals. 

Roy Akerman, Co-Founder & CEO, Rezonate had this comment:

   “Identity PII and PHI data continues to be a high-demand target for malicious attackers. Disconnecting machines from outside access for the most part will not help against an already encrypted system or further prevent automatic propagation of malware. Often times Ransomware attacks are used for financial gain, often times for data exfiltration and often both as we’ve seen with the “double dip” ransomware attacks. In this case the attackers had potentially intended to compromise data and further leverage that for additional follow up attacks or sell in dark web. As more information becomes available we will be able to determine the root cause, intent and complete impact.”

The fact that health care continues to be a target of threat actors should tell those in that are in that space that they need to focus on ensuring that threat actors can’t execute their evil plans. Otherwise, this trend of health care organizations getting pwned will continue.