On Friday, Sav-Rx, a prescription management company, filed a breach notification disclosing that it suffered a cyberattack in October 2023, compromising the personal data of over 2,812,336 people in the US.
A&A Services, operating as Sav-RX, is a company that provides prescription drug management services to employers, unions, and other organizations across the U.S.
The impact on its business operations was minimal, systems were restored in a day and prescriptions were shipped on time.
The data exposed included:
- Full names
- DOBs
- SSNs
- Emails
- Addresses
- Phone numbers
- Eligibility data
- Insurance ID numbers
The breach notification revealed that the hackers first accessed customer data on October 3, 2023.
Sav-Rx stated that it took eight months to send out notices because their initial priority was minimizing interruption to patient care before launching the investigation on the impact of the incident.
In response to the incident, Sav-Rx is setting up a 24/7 security operations center, implementing MFA on critical accounts, network segmentation, enhanced geo-blocking, upgraded firewalls and switches, strengthened Linux security, and BitLocker encryption.
BullWall Executive, Carol Volk had this to say:
“While Sav-Rx managed to restore operations swiftly, the compromised data—ranging from full names and Social Security numbers to insurance ID numbers—highlights the grave risks posed to individuals’ personal information. The delayed breach notification, which took eight months, reflects the challenges organizations face in balancing immediate operational needs with comprehensive incident response.
“This incident is a stark reminder that cybersecurity cannot be an afterthought. Sav-Rx’s response, including the establishment of a 24/7 security operations center and implementation of multi-factor authentication, network segmentation, and advanced encryption, is commendable. However, these steps, including ransomware containment, should have been proactive measures rather than reactive responses.
“The healthcare sector must prioritize cybersecurity investments and adopt proactive strategies to protect patient data and critical infrastructure. The Sav-Rx breach emphasizes the importance of preparedness and the need for continuous vigilance to safeguard against future attacks.”
Dave Ratner, CEO, HYAS follows with this:
“The remediation and implementation plan being conducted post-breach is necessary and good — and if other organizations haven’t done this yet then they are behind — but unfortunately in today’s era it is not sufficient. Given the prolific onslaught of attacks, and the fact that criminals continue to evolve their techniques and attack vectors, everyone needs to include the implementation of cyber resiliency and Protective DNS in their 2024 security plans.”
Everything that this organization is doing now is too late to prevent the damage that is sure to come to those who are affected by this breach. Hopefully someone in Washington is going to call this company on the carpet to explain themselves in detail.
Like this:
Like Loading...
Related
This entry was posted on May 29, 2024 at 8:59 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
2.8 Million People Impacted By A Prescription Management Company Getting Pwned
On Friday, Sav-Rx, a prescription management company, filed a breach notification disclosing that it suffered a cyberattack in October 2023, compromising the personal data of over 2,812,336 people in the US.
A&A Services, operating as Sav-RX, is a company that provides prescription drug management services to employers, unions, and other organizations across the U.S.
The impact on its business operations was minimal, systems were restored in a day and prescriptions were shipped on time.
The data exposed included:
The breach notification revealed that the hackers first accessed customer data on October 3, 2023.
Sav-Rx stated that it took eight months to send out notices because their initial priority was minimizing interruption to patient care before launching the investigation on the impact of the incident.
In response to the incident, Sav-Rx is setting up a 24/7 security operations center, implementing MFA on critical accounts, network segmentation, enhanced geo-blocking, upgraded firewalls and switches, strengthened Linux security, and BitLocker encryption.
BullWall Executive, Carol Volk had this to say:
“While Sav-Rx managed to restore operations swiftly, the compromised data—ranging from full names and Social Security numbers to insurance ID numbers—highlights the grave risks posed to individuals’ personal information. The delayed breach notification, which took eight months, reflects the challenges organizations face in balancing immediate operational needs with comprehensive incident response.
“This incident is a stark reminder that cybersecurity cannot be an afterthought. Sav-Rx’s response, including the establishment of a 24/7 security operations center and implementation of multi-factor authentication, network segmentation, and advanced encryption, is commendable. However, these steps, including ransomware containment, should have been proactive measures rather than reactive responses.
“The healthcare sector must prioritize cybersecurity investments and adopt proactive strategies to protect patient data and critical infrastructure. The Sav-Rx breach emphasizes the importance of preparedness and the need for continuous vigilance to safeguard against future attacks.”
Dave Ratner, CEO, HYAS follows with this:
“The remediation and implementation plan being conducted post-breach is necessary and good — and if other organizations haven’t done this yet then they are behind — but unfortunately in today’s era it is not sufficient. Given the prolific onslaught of attacks, and the fact that criminals continue to evolve their techniques and attack vectors, everyone needs to include the implementation of cyber resiliency and Protective DNS in their 2024 security plans.”
Everything that this organization is doing now is too late to prevent the damage that is sure to come to those who are affected by this breach. Hopefully someone in Washington is going to call this company on the carpet to explain themselves in detail.
Share this:
Like this:
Related
This entry was posted on May 29, 2024 at 8:59 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.