Gifford says vendor had data breach

Gifford Health Care last month notified federal authorities of a data breach involving a vendor that helps administer one of the Randolph-based medical center’s drug-pricing programs.  Gifford notified the U.S. Department of Health and Human Services on April 23 of a “hacking/IT incident” involving a network server, according to HHS records. Gifford spokeswoman Ashley Lincoln on Monday said a company called CaptureRX, which administers a program called 340B which helps rural health care providers purchase drugs at a discount for some needy patients, “experienced a ransomware attack on February 6.” Read more on Valley News. Gifford is the second covered entity that DataBreaches.net has found reports from concerning the CaptureRx attack.Thrifty Drug Store dba Thrifty White also reported the incident in April. While the Gifford report is up on HHS’s public breach tool, there is no report on that site at this time from either CaptureRx or Thrifty Drug/Thrifty White.DataBreaches.netRead More