Access Sports releases data of 88,000 people after ransomware attack

New Hampshire-based orthopedic service provider Access Sports recently announced a data breach that affected over 88,000 people.

The incident, discovered on May 10, was caused by a ransomware attack on the company.

Internal investigation initiated after suspicious activities identified

After noticing unusual activity on its network, the company launched a comprehensive investigation that revealed that threat actors had gained unauthorized access to files containing critical data on the network.

The compromised data included names, dates of birth, social security numbers, financial information, health insurance data and medical records.

When Access Sports learned of the incident, the company notified affected individuals and regulators, including the Maine Attorney General’s Office.

No evidence of misuse of stolen data, the company claims

According to the notification to those affected, the company believes there is no direct evidence that third parties have misused the stolen data.

“As of this writing, Access Sports has not received any reports of related identity theft since the date of the incident (May 10, 2024 to present),” the security notice states.

However, Access Sports offered free fraud protection to all affected parties to mitigate any potential risks.

“Inc Ransom” claims ransomware attack led to data theft

Shortly after the breach was discovered, a ransomware group called Inc Ransom claimed responsibility for the attack and listed the company on their darknet leak site.

The cybercrime group claims to have released extensive data allegedly exfiltrated from the company’s network, including contracts, confidential documents, financial data and employee records.

Inc Ransom emerged in July last year and has since then actively targeted various organizations in the education, healthcare and government sectors.

After documenting the gang’s modus operandi, cybersecurity experts found that the gang typically breaks into systems, encrypts data, and steals potentially valuable information to extort ransom payments.

Protecting against the devastating effects of data breaches

Despite best cybersecurity practices, data leaks can sometimes still occur due to factors beyond users’ control, including vulnerabilities in third-party systems, zero-day exploits, or the lack of appropriate security measures somewhere in the chain.

Special software such as Bitdefender Digital Identity Protection can protect you from the dangers of data leaks by providing comprehensive monitoring of your online data and promptly notifying you of any data leaks on both public and darknet websites.

It provides a comprehensive overview of your online data, including traces of services you no longer use, and allows you to instantly close gaps in your digital footprint with simple one-click actions.