US Fertility says patient data was stolen in a ransomware attack

U.S. Fertility, one of the largest networks of fertility clinics in the United States, has confirmed it was hit by a ransomware attack and that data was taken.

The company was formed in May as a partnership between Shady Grove Fertility, a fertility clinic with dozens of locations across the U.S. East Coast, and Amulet Capital Partners, a private equity firm that invests largely in the healthcare space. As a joint venture, U.S. Fertility now claims 55 locations across the U.S., including California.

In a statement, U.S. Fertility said that the hackers “acquired a limited number of files” during the month that they were in its systems, until the ransomware was triggered on September 14. That’s a common technique of data-stealing ransomware, which steals data before encrypting the victim’s network for ransom. Some ransomware groups publish the stolen files on their websites if their ransom demand isn’t paid.

U.S. Fertility said some personal information, like names and addresses, were taken in the attack. Some patients also had their Social Security numbers taken. But the company warned that the attack may have involved protected health information. Under U.S. law, that can include information about a person’s health or medical conditions, like test results and medical records.

When reached, Amulet spokesperson Melissa Sheer declined to comment further or answer any of our questions.

U.S. Fertility didn’t say why it took more than two months to publicly disclose the attack, but said in the notice that its disclosure was not delayed at the request of law enforcement.

This is the latest attack targeting the healthcare sector. In September, one of the largest hospital systems in the U.S., Universal Health Services, was hit by the Ryuk ransomware, forcing some affected emergency rooms to close and to turn patients away. Several other fertility clinics have been attacked by ransomware in recent months.

Read more: