Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
A large medical debt collection company was a victim of a ransomware attack that occurred in mid-August.
Based in Chicago, R1 RCM employs more than 19,000 people and works with 750 healthcare companies throughout the United States. The company was previously known as Accretive Health Inc.
How Did the Latest Ransomware Attack on Medical Debt Collection Agency Occur?
Even though no official R1 RCM spokesperson has identified the ransomware or how the data breach occurred, KrebsOnSecurity allegedly spoke with someone involved in the investigation who reported the malware used was Defray.
The Defray ransomware has been targeting healthcare companies since 2017. The malware is most often introduced when an unsuspecting healthcare company employee opens an email attachment in the form of Microsoft Word, according to TrendMicro.
The catastrophic emails are often well disguised because they may appear to come from the healthcare organization’s own IT department or other in-house department, and also may reference the attached document as patient test reports or other pertinent information.
PCRisk.com notes that Defray is capable of generating text files that tell the targeted victim that the victim’s own data has been encrypted and that only a payment of $5,000 in Bitcoins will ensure the victim is able to access the information once again. Defray uses three different encryption programs to lock down the data, which according to PCRisk, means more than one unique key is needed to unlock it.
While many organizations are tempted to pay the ransom to retrieve the key as soon as possible, the FBI advises against making such a payment because there’s no guarantee the cyber criminals will provide you with access to your data in return.
As cyber criminals become more sophisticated, the FBI has increased the manpower on its Internet Crime Complaint Center. Among the tips the FBI recommends to prevent ransomware from disrupting life in the healthcare setting or at any business:
- Ensure all operating systems, software and applications that you run are current and up-to-date. For instance, there have been reports that places still relying on the Windows 7 operating system are more vulnerable to cyber attacks.
- Set your anti-virus and anti-malware programs to update automatically and to run scans of your hard drive and networks during regular intervals.
- Back up all your data on a regular basis, and make sure those backups are actually being completed as they should.
- Close any vulnerabilities by securing your backups, which means the backup system should not be connected to devices or networks that they are intended to back up.
- As in preparation for other disasters, a healthcare organization should create a continuity plan to reduce the economic disruption and to keep critical business and patient care functions in place in the event of a ransomware attack.
What Medical Debt Collection Data Was Exposed?
As of Aug. 24, R1 RCM has not said which of its systems were affected by the ransomware attack.
It is possible that hackers were able to access patient registration information such as name, address, phone number, dates of birth, Social Security numbers, insurance ID numbers and accompanying information, medical treatment history and financial information that pertains to billing and payment collection.
What Rights Do You Have After a Ransomware Attack?
Antivirus software company Norton recommends contacting the breached company to verify that a data breach did occur and asking if your information was accessed or stolen. The breached company also should be able to tell you what information the hackers nabbed so you can take proper steps to prevent repercussions to your identity.
If the hackers only had access to a credit card number, you may only need to cancel the card and ask your credit card company to reissue you a new one. If the ransomware attack allowed the hackers to gain access to your Social Security number or your bank account numbers and passwords, you may be at risk of identity theft, both currently and in the future.
In the case of the R1 RCM medical debt collection data breach, patients may wish to check with the billing departments of their physicians and hospitals to determine if any of them use R1 RCM for billing collection purposes.
When Should You File a Medical Debt Collection Ransomware Lawsuit?
A ransomware lawsuit may be filed any time after the data breach has occurred and you determine your information was compromised or likely compromised.
Any company that provides goods or services online has a responsibility to ensure the privacy of its customers and the security of their private information is taken seriously.
Free R1 RCM Ransomware Attack Class Action Lawsuit Investigation Evaluation
Check with your doctors’ offices and hospitals to see if R1 RCM is involved in your medical billing process. If so, you may qualify to join a healthcare medical debt collection ransomware attack class action lawsuit investigation.
This article is not legal advice. It is presented
for informational purposes only.
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
2 thoughts onHow Did the Medical Debt Collection Agency Ransomware Attack Occur?
ADD me
Please add me