A zero-day vulnerability in Fortra's GoAnywhere MFT secure file transfer technology was the focus of a recent round of attacks, according to Community Health Systems (CHS).
A further investigation showed that the consequent data breach affected up to 1 million patients' personal and health information.
Additionally, it stated that it would provide identity theft protection services and alert any affected people whose information was compromised.
TPRM report: https://scoringcyber.rankiteo.com/company/community-health-systems
"id": "com21810723",
"linkid": "community-health-systems",
"type": "Breach",
"date": "01/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 1000000,
'industry': 'Healthcare',
'name': 'Community Health Systems (CHS)',
'type': 'Healthcare'}],
'attack_vector': 'Zero-Day Vulnerability',
'customer_advisories': 'Provide identity theft protection services and alert '
'affected individuals',
'data_breach': {'number_of_records_exposed': 1000000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Health Information']},
'description': "A zero-day vulnerability in Fortra's GoAnywhere MFT secure "
'file transfer technology was the focus of a recent round of '
"attacks, affecting up to 1 million patients' personal and "
'health information.',
'impact': {'data_compromised': ['Personal Information', 'Health Information'],
'identity_theft_risk': 'High'},
'response': {'communication_strategy': 'Inform affected individuals and '
'provide identity theft protection '
'services'},
'title': 'Data Breach at Community Health Systems Due to Zero-Day '
"Vulnerability in Fortra's GoAnywhere MFT",
'type': 'Data Breach',
'vulnerability_exploited': "Zero-Day Vulnerability in Fortra's GoAnywhere MFT"}