The data that can be stolen from these types of attacks is very lucrative to threat actors because it involves the billing, identity, and health information of vulnerable patients. Specialized entities such Wilkes-Barre and Home Care Providers of Texas typically have less resources devoted to mature cybersecurity processes and a smaller budget to deal with attacks.
Anyone that is a patient of these facilities should look for any communication from the company that outlines whether they were included in the breach and what type of information may have been stolen. Anyone that is a patient should ensure they are looking out for phishing emails and other financially motivated social engineering attacks that may arise if their individual data gets sold to other threat groups or used directly by the threat actor. Neither targeted company has announced whether they paid the ransom. In addition, it is highly recommended that organizations ask their users to create complex, unique passwords; these types of attacks are often used to steal passwords from social media or other websites that are then sold or used by the threat group in order to see if users used the same password for their corporate accounts.
https://www.bankinfosecurity.com/attacks-on-2-specialty-care-providers-affect-nearly-600000-a-20941
