Enzo Biochem recently confirmed in an 8-K filing to the Securities and Exchange Commission that the clinical test data of 2,470,000 people had been compromised. On April 6, 2023, a ransomware attack hit and resulted in this breach.
The stolen data included names, test results, and, for around 600,000 people, National Insurance numbers. Enzo Biochem is presently undertaking an investigation to find whether employee information was also exposed.
According to the SEC filing by Enzo CEO Hamid Erfanian:
The company remains subject to risks and uncertainties as a result of the incident, including the data that was accessed or exfiltrated from the company’s network. Additionally, security and privacy incidents have led to, and may continue to lead to, additional regulatory scrutiny. The company is in the process of evaluating the full scope of the costs and related impacts of this incident.
Enzo withheld information on how it was compromised or whether it received a ransom demand from the hacking group responsible. There is yet no proof that a well-known ransomware group has taken responsibility for the attack.
A data breach notification letter is usually sent to all parties affected by the incident by the company. However, Enzo Biochem is still examining the effects of the most recent ransomware outbreak. The corporation might not have yet sent these letters as a result.
You might be one of the almost 2.5 million people who are now at danger of identity theft if you receive a data breach notification from Enzo Biochem. These people may now be at danger of identity theft and the damaging financial and legal costs that come with it.
The list of medical businesses dealing with a breach of private data over the past few months has just grown to include Enzo Biochem.
In addition, PharMerica, a reputable American pharmaceutical service provider, confirmed in May that hackers had successfully stolen the personal information of 5.8 million people, both alive and dead. Social Security numbers, information on medications, and details on health insurance were among the leaked data.
It is likely that Enzo Biochem would give free credit monitoring and identity protection services to the affected people in the letter about the data leak. It is valuable that the victims sign up for this service in such a situation.
Consumers should be informed that a one-year credit monitoring period is not long enough to protect them from the risks linked to a data breach.
The company is currently assessing the full cost and outcomes of the incident, and they believe that officials will pay it more attention. The company also wants to reassure everyone that its facilities are available for business and that they were able to continue working despite the ransomware attack.
Phishing Tackle offers a free 14-day trial to help train your users to avoid these types of attacks and test their knowledge with simulated attacks using various attack vectors. By focusing on training your users to spot these types of attacks, rather than relying solely on technology, you can ensure that your organisation is better prepared to defend against cyber threats and minimise the impact of any successful attacks.
