Adrian Johnson
TLDR
- Enzo Biochem settles ransomware-related breach for $4.5 million
- Almost 2.5 million individuals’ personal and diagnostic test data impacted
Enzo Biochem, a biotechnology firm based in New York, has reached a $4.5 million settlement with New York, New Jersey, and Connecticut following a ransomware attack in April 2023 that affected nearly 2.5 million individuals’ sensitive data. The breach was found to be a result of compromised employee credentials and the lack of multi-factor authentication for email access, leading to the exposure of personal and diagnostic test data. New York Attorney General Letitia James emphasized the importance of data security in healthcare companies to protect patients from potential fraud and identity theft.
As part of the settlement, Enzo has pledged to implement multi-factor authentication for all employee accounts, enhance security programs, and establish an incident response plan along with conducting annual risk assessments. The company’s proactive measures are crucial in safeguarding sensitive healthcare data and preventing future cyber attacks.
It is essential for organizations, especially those handling sensitive information, to prioritize cybersecurity measures to mitigate the risks associated with ransomware attacks and data breaches. By taking proactive steps to improve security protocols and respond swiftly to incidents, companies can protect both their data and their customers from potential harm.
