Brightline data breach
Brightline Suffers Data Breach due to Zero-day Vulnerability Affecting Over 783,000 Patients

Pediatric mental and behavioral health provider Brightline has warn its patients. This is regarding a recent data breach that exposed the personal health information of over 783,000 people. The cybercriminals responsible for the attack. They use a zero-day vulnerability in the Fortra GoAnywhere MFT secure file-sharing platform, affecting 130 companies in total.

The data breach

According to Brightline, the attack was by a ransomware gang – Clop. In a statement on its website, the company confirms that the hackers stole health information from its GoAnywhere MFT service.

The personal information under attack includes full names and physical addresses. This also includes dates of birth, member identification numbers, dates of health plan coverage, and employer names. However, Aetna member IDs have not been compromised in the incident.

Brightline was one of several entities listed on Clop’s extortion portal on March 16, 2023. Since the incident, the company has taken several steps to strengthen its security measures. It includes limiting ongoing access to verified users, removing all of its data from the service. It will continue to reduce data exposure until an alternative file transfer solution is identified and implemented.

Impact of the breach

Brightline has partnerships with several healthcare institutes and companies in the United States, and the data breach has impacted numerous entities, including Diageo, Nintendo of America Inc., Harvard University, Stanford University, and Boston Children’s Hospital.

Data published on the breach portal of the U.S Department of Health and Human Services indicates that the incident has impacted over 783,000 people. Brightline has submitted eight individual entries on the government portal, corresponding to eight affected entities.

However, the company’s website lists a more significant number of impacted organizations, suggesting that the final number of affected patients could be higher.

Response to the breach due to zero-day vulnerability

Brightline has said it “took immediate action” when it learned of the incident, confirming that Fortra had deactivated the unauthorized user’s credentials, turned off the service, and rebuilt the version so it was no longer vulnerable.

The company has also offered all impacted patients two years of complimentary identity theft and credit monitoring services.

Recap – Zero-day vulnerability

The data breach at Brightline is just one of many recent attacks on healthcare providers and highlights the need for improved cybersecurity measures across industries. Companies must continually assess and update their defenses against evolving threats to protect the sensitive information of their clients and stakeholders.