San Antonio, Texas-based health IT company CaptureRx has notified a growing list of hospitals and healthcare organizations that their patients' data has been exposed by a ransomware attack on its IT systems.
The company that helps hospitals manage their 340B drug programs said it discovered unusual activity in some of its files in February. Compromised files contained patient records with protected health information, including names, birth dates and prescription details.
A list of hospitals and healthcare providers that have reported breaches stemming from the incident and the number of patients affected:
- Faxton St. Luke's Healthcare, an affiliate of Mohawk Valley Health System (Utica, N.Y.): more than 17,000
- Lourdes Hospital (Binghamton, N.Y.): unknown
- Gifford Health Care (Randolph, Vt.): 6,777
- UPMC Cole (Coudersport, Pa.) and UPMC Wellsboro (Pa.): 7,400
- Bayhealth (Dover, Del.): unknown
- Walmart: unknown