Medicaid Billing Service Hit with Ransomware Attack targeting 116,000 Individuals

Another healthcare organization was hit with a Ransomware attack that resulted in the encryption and theft of data.

Timberline Billing Service, LLC, a Des Moines, IA-based Medicaid billing company, suffered the ransomware attack exfiltrated information from its systems.

The information was exfiltrated from its systems prior to the encryption of files and an investigation into the attack revealed an unknown individual gained access to its systems between February 12, 2020 and March 4, 2020 and deployed ransomware.

190 schools in Iowa are clients of Timberline’s and school districts statewide, which have been notified, have been impacted by the breach.

Timberline also has offices in Kansas and Illinois and it is currently unclear exactly how many schools were affected and if the breach was limited to schools in Iowa.

Types of data believed to have been obtained by the hacker include: names, dates of birth, Medicaid ID numbers, and billing information.

It was reported that a small number of Social Security numbers were also potentially compromised.

Although data theft occurred, there are no reports at this time that any of the data has been misused.

University of California San Francisco (UCSF) has suffered a similar cyber-attack in which personal and health information held by the UCSF School of Medicine was potentially compromised.

The cyber-attack was detected on June 1, 2020 and involved a limited part of the School of Medicine’s IT systems.

No further information on the exact nature of the attack has been released.

About the author

Katie Brownley

Health & IT Journalist covering Cybersecurity News, Data Breaches and Security Industry News. Email is open for DM and News Tips are Welcome

Subscribe to Our Newsletter