Firm Notifies Patients of 55 Health Practices Hit by MOVEit Hack

Arietis Health, a revenue cycle management vendor is notifying patients of 55 healthcare practices across several states that their sensitive health and personal information has been potentially compromised in a hack of Progress Software’s MOVEit file transfer application.

See Also: Live Webinar Tomorrow | Cyber Resilience: Recovering from a Ransomware Attack

Fort Meyers, Florida-based Arietis provides billing services to Irving, Texas-based NorthStar Anesthesia, which manages the affected medical practices, which specialize in anesthesia, pain management and related healthcare services.

Arietis in its breach notice said its uses MOVEit file transfer software in the billing services it provides to NorthStar.

Arietis says that it was notified by Progress Software on May 31 of a critical vulnerability affecting MOVEit and took immediate steps to patch its MOVEit server, as advised by Progress Software’s instructions.

But by then, Russian-speaking ransomware group Clop had already launched its mass attack campaign around May 27, when it exploited a zero-day vulnerability in MOVEit to steal data being stored on file transfer servers – a hack that has so far affected thousands of organizations worldwide.

On July 26, Arietis’ investigation into the incident determined that…