An American healthcare supplier whose knowledge was allegedly exfiltrated to an Amazon storage account by a cyber-attacker has taken authorized motion in opposition to Amazon.
As many as 85,688 affected person and worker data have been compromised final week when a menace actor seemingly primarily based in Ukraine struck SalusCare, the most important supplier of behavioral healthcare providers in Southwest Florida.
The attacker is believed to have gained entry to SalusCare’s Microsoft 365 surroundings after an worker clicked a malicious hyperlink in a phishing electronic mail. The motion allegedly triggered malware to exfiltrate SalusCare’s whole database to 2 Amazon S3 storage buckets linked to the identical Amazon AWS storage account.
After being notified of the alleged criminal activity, Amazon froze entry to the 2 S3 buckets believed to have been used within the assault.
SalusCare requested entry to the audit logs of the buckets as a part of its investigation to find out exactly what knowledge had been breached by the menace actor. Nonetheless, Amazon refused to provide an audit log or a duplicate of the information saved within the S3 buckets as they don’t belong to SalusCare.
The healthcare supplier responded to Amazon’s refusal by submitting a lawsuit in federal court docket on Wednesday in search of for Amazon to be compelled to offer SalusCare with the audit logs and a duplicate of the contents of the 2 S3 buckets.
Within the lawsuit, SalusCare additionally looked for Amazon to be ordered to completely droop the alleged attacker’s entry to the 2 S3 buckets allegedly containing the healthcare supplier’s swiped knowledge.
In its petition to the US District Court docket in Fort Myers, SalusCare argued that the delicate knowledge believed to have been stolen within the assault and saved within the buckets might be offered on the darkish web and used to commit identification theft.
“The information comprise extraordinarily private and delicate data of sufferers’ psychiatric and habit counseling and therapy,” defined SalusCare. “The information additionally comprise delicate monetary data comparable to social safety numbers and bank card numbers of SalusCare sufferers and staff.”
Information-Press reviews {that a} decide granted each of SalusCare’s requests on Thursday.
