Arietis Health Security Incident

Keith Kirkland Updated by Keith Kirkland

High-Level Summary of the Security Incident

Arietis Health, LLC. is a revenue cycle management company which specializes in revenue cycle solutions and end-to-end billing services that use data to connect the business and clinical aspects of healthcare by combining administrative information, like a patient's name and insurance details, with their healthcare data, including the treatment they receive.

On September 28, 2023, Arietis Health published a security notice on its official website, addressing a critical vulnerability that affected MOVEit (by Progress software), a managed file transfer software(MFT), a solution used widely by businesses and government agencies, including Arietis Health, to securely transfer data. The details of the MOVEit zero day vulnerability were published by VISO TRUST as a part of the Progress Software MOVEit Zero-Day Vulnerability risk notice.

As per Arietis, on May 31, 2023 it received an alert from Progress Software - the company responsible for MOVEit file transfer software, about the critical vulnerability affecting MOVEit systems. Upon receiving the alert, Arietis Health took immediate corrective steps to secure and patch its MOVEit server following Progress Software’s instructions. Arietis Health thereafter engaged leading, independent cybersecurity experts to conduct a comprehensive investigation.

On July 26, 2023, the investigation determined that unauthorized actors had access to Arietis Health’s MOVEit server on May 31, 2023, and may have acquired certain files which contained data belonging to patients of the Healthcare Entities.

Arietis Health has stated that this incident may have compromised the following information for patients of the Healthcare Entities listed below:

  • Patient names
  • Dates of birth
  • Driver’s license or other state identification card numbers
  • Addresses
  • Social Security numbers
  • Medical record numbers
  • Patient account numbers
  • Health insurance information
  • Diagnosis and treatment information
  • Clinical and prescription information
  • Provider information.

While Arietis Health has no evidence of the misuse of any potentially affected individual’s information as a result of this incident, Arietis Health has determined that information belonging to certain patients of the following list of Healthcare Entities, which it received in connection with the billing services it provides, may have been compromised.

Healthcare Entities:

AmSol Physicians of Elkin, NC, PLLC
Anesthesia Company of Houston, PLLC
Anesthesia Resources Management Solutions, Inc
Coronado Anesthesia, PLLC
Digestive Health Specialists of SE
Dupont Anesthesia, PSC
Epix Anesthesia of Alabama, LLC
Epix Anesthesia of Tennessee, PLLC
Epix Medical Services of Houston, PLLC
Gastro South Anesthesia, LLC
Gastroenterology Consultants of Augusta, PC
GI Associates of West Alabama, PC
KBS Anesthesia, Inc
Lehigh Anesthesia Associates, PC
Northeast Gastroenterology Center, Inc
Northern Tier Gastroenterology, Inc
Northern Virginia Surgery Center Anesthesia, LLC
NorthStar Anesthesia II, PA
NorthStar Anesthesia III, PA
NorthStar Anesthesia of Delaware, LLC
NorthStar Anesthesia of Illinois, LLC
NorthStar Anesthesia of Indiana II, LLC
NorthStar Anesthesia of Indiana, LLC
NorthStar Anesthesia of Kansas, LLC
NorthStar Anesthesia of Kentucky, PLLC
NorthStar Anesthesia of Michigan II, PC
NorthStar Anesthesia of Michigan III, PLLC
NorthStar Anesthesia of Michigan, LLC
NorthStar Anesthesia of Mississippi, LLC
NorthStar Anesthesia of Missouri, LLC
NorthStar Anesthesia of Montana, PLLC
Northstar Anesthesia of Nebraska, PLLC
NorthStar Anesthesia of Ohio, LLC
NorthStar Anesthesia of Oklahoma, PLLC
NorthStar Anesthesia of Pennsylvania, LLC
NorthStar Anesthesia of Tennessee, PLLC
NorthStar Anesthesia of Virginia, LLC
NorthStar Anesthesia of West Virginia, PLLC
NorthStar Anesthesia, PA
NSA Pain Services of Michigan III, PLLC
NSA Pain Services of Michigan, PLLC
Nurse Anesthesia of North Carolina, PLLC
Orange City Anesthesia Services, LLC
PhySynergy, LLC AL
PhySynergy, LLC TN
Professional Anesthesia Group, LLC
Professional Anesthesia Services of Kentucky, PLLC
River Cities Anesthesia, LLC
Riverside Anesthesia Services, LLC
Sarasota Anesthesia Services, LLC
Sentry Anesthesia Management, LLC
Southwest Ohio Anesthesia Consultants, LLC
Space Coast Anesthesia, LLC
Sunset Anesthesia, LLC 

Should I be concerned? 

Maybe. It depends on if you have a relationship with Arietis Health or any of the healthcare entities listed above. Click on the link below to find out if you have a relationship with this vendor. If you do, follow the recommendations below.

Note: This link specifically references vendor directory records. You may also want to search your RLP for “Arietis Health” or vendor names from the list above to confirm.

What to do if you or your vendors have active relationships with Arietis or any of the Healthcare entities mentioned in the list above

To address the breach, Arietis Health is sending letters with information about the incident to patients of the Healthcare Entities whose information may have been involved. Arietis is also offering those patients complimentary credit and identity monitoring services. If you or any of your vendors maintain an active relationship with Arietis Health or any of the healthcare entities mentioned above, please engage in discussions to gather comprehensive details regarding any potential impact on your customers (patients). We recommend advising your customers to consider the following actions, as suggested by Arietis in their notice:

  1. Monitor Their Financial Activity: Vigilantly monitor the credit reports and bank statements for suspicious or unauthorized transactions or activities.
  2. Place a Fraud Alert: Consider placing a fraud alert on the credit reports with major credit bureaus. This alert notifies creditors to take extra precautions before opening new accounts in the individual’s name.
  3. Consider Credit Freezing: Another option to bolster security is to freeze credit. This makes it extremely difficult for anyone, including identity thieves, to open new credit accounts in the individual’s name.
  4. Password Changes: Immediately change the passwords for all online accounts, particularly those that contain sensitive information.
  5. Report the Breach: Report the data breach to the Federal Trade Commission (FTC) and the respective state's Attorney General's office. This assists in tracking and addressing the breach.

---------------------------------------------------------------------------

We are actively working on future product enhancements related to these types of events. If you found this information helpful or have additional feedback, please let us know at product@visotrust.com.

For any additional questions, please reach out to your customer success manager.

Stay ahead of the curve with our Public Risk Notice Alerts!

Get the latest information and news to your inbox on cybersecurity breaches and third-party vendor risks that could impact your organization.

Sign up today to fortify your organization's security.

The VISO Trust team

—----------—----------—-----

How did we do?

Sumo Logic Potential Security Incident

Fiserv Security Incident

Contact