More than 2.8 million people have been alerted to the fact their personal data was compromised in a cyber attack on prescription service company Sav-Rx.
On October 8, 2023, the company announced an "interruption to our computer network", after the results of a forensic investigation showed that an unauthorized third party breached the company's system on or around October 3, 2023.
In a letter to those affected, Sav-Rx wrote: "We learned that an unauthorised third party was able to access certain non-clinical systems and obtained files that contained health information. After an extensive review ... we discovered that some of the data accessed or acquired may have contained your protected health information."
The compromised data in question included: full name, Social Security Number, email address, phone number, date of birth, street address, eligibility data, and insurance identification number.
Via an FAQ page linked to from the company's homepage, Sav_Rx explained why it took eight months to notify those affected.
"Immediately upon learning of an interruption to our computer network, we took steps to secure our systems and engaged cybersecurity experts. Our initial priority was restoring systems to minimise any interruption to patient care. After our systems were secured, we launched an investigation, aimed at determining the affected individuals, as well as the specific elements of each individual’s personal information affected by the incident. We received the results of that investigation on April 30, 2024, and promptly sent notifications to our health plan customers whose participant data was affected."
Sav_Rx says that, while they experienced an interruption to their network, the issue was fully resolved and their IT systems were restored within a day.
"We contained the incident and confirmed that any data acquired from our IT system was destroyed and has not been disseminated any further. We contained the incident and confirmed that any data acquired from our IT system was destroyed and has not been disseminated any further."
In light of the breach, the company has enhance their security protocols and controls, technology, policies, and training.