Brightline Psychiatric Service Provider has warned its patients that their data was leaked, affecting 783,606 people. This occurred due to a legendary zero-day vulnerability in Fortra Goanywhere Mft. The vulnerabilities were exposed, and the patients’ data was taken by a gang of Clop extortionists, taking advantage of the vulnerability in the software meant for the production of Fortra to abduct 130 companies’ data. Although Brightline was among the affected companies, it only reported the leak publicly a while ago.
The organization confirmed that it started notifying relevant agencies about the leakage on April 7, while Clop himself had announced on their website about Brightline on March 16. Brightline offers mental and behavioral health services, including online consultations for children, adolescents, and their families. The company confirmed that the stolen data from Goanywhere MFT service contained medical information.
Brightline’s internal investigation showed that the stolen data included personal information such as complete names, physical addresses, dates of birth, identification numbers of participants, the date of coating a medical insurance plan, and names of employers. In response to the incident, Brightline deactivated the account of unauthorized users and rebuilt a secure version of the Goanywhere service.
The company also implemented additional security measures, such as restricting constant access for trusted users and removing all data from the Goanywhere service until a more secure solution for file sharing is found and implemented. Brightline offers affected persons two years of free services to protect their personal information and credit monitoring through the Cyberscout service.