Information on about 38,000 patients of Reproductive Biology Associates (RBA) and affiliate My Egg Bank North America have been compromised in a ransomware attack.
The at-risk data includes full name, address, social security number, laboratory results and information relating to handling of human tissue.
The Georgia-based company has gone public about an incident it first became aware of on 16 April by discovering a file server containing embryology data was encrypted and therefore inaccessible.
RBA shut down the server, terminated the actor’s access to it, and continues to investigate the data breach.
After regaining access to the encrypted files, and company says it obtained confirmation from the attacker that all exposed data was deleted and is no longer in their possession.
“In an abundance of caution, we conducted supplemental web searches for the potential presence of the exposed information, and at this time are not aware of any resultant exposure,” it added. “We are continuing to conduct appropriate monitoring to detect and respond to any misuse or misappropriation of the potentially exposed data.”
RBA also stated: “We regret that this incident occurred and take the security of our information very seriously … We have also applied additional internal controls and have provided additional cyber security training to our staff to prevent this type of incident from occurring in the future.”
The company describes itself as providing customised fertility care to couples by offering a range of assisted reproductive technologies, treatment for all causes of infertility, counselling and other reproductive services.
RBA is also a founding partner of MyEggBank, a network of infertility centres providing frozen donor egg bank services to patients across the US and Canada.
Make sure to register to PrivSec Global now and tune into “Data Breaches: It Does Happen to Every Company, It Does Happen All The Time, and It Is a Big Deal.”
23 June at 3pm BST | 4pm CEST | 9pm HK
- Carter Schoenberg, VP Cybersecurity and Chief Cybersecurity Officer, SoundWay Consulting Inc
- Jennifer Beckage, Founder, Esq., CIPP/US, CIPP/E, Beckage
- Victoria van Roosmalen, CISO/DPO, Coosto
- Rebecca Perry, CIPP US/G, Director of Strategic Partnerships, Exterro