Reventics experiences a cyber attack

by

Reventics has confirmed the data breach incident that has affected it over the past few weeks. The confirmation comes after the Royal Ransomware group disclosed Reventics in the name of victims. We look at this particular ransomware incident below.

  • Reventics is a US-based Healthcare software. It has offices in Colorado in the United States. The company has an offshore office in Hyderabad, India.
  • The company has filed financial statements that reveal revenues of $20.6 million in the previous year.
  • The cyber attack was first detected on 15th December 2022. A third-party cyber security audit was initiated to conduct a full-scale forensics audit of the servers and data impacted.
  • The preliminary findings of the cyber security audit revealed that the hacker was able to breach personal data. These were shared with the company on 27th December 2022.
  • The data breach involves personally identifiable information (PII) and Protected Health Information (PHI) under the HIPAA laws. The data that was accessed by the intruder includes personal details, financial details, medical procedure details, Healthcare provider’s details, and clinical data.
  • Due to the serious nature of this data breach, it is important to monitor credit transactions over the next few months. Reventics is offering free credit and identity monitoring to the affected users.
  • You can call Reventics at 833-753-4765 to know more about the incident and credit monitoring.
  • It does not look like that the company has offered free credit insurance for a period of one year to the affected individuals.
  • Reventics is sending letters through mail to all the affected users.
Reventics ransomware attacks

There are a few things that stand out in this particular ransomware incident:

  • Reventics has claimed that its operations remained unaffected after the cyber incident because it was able to contain the attack to a large extent.
  • It remains unclear if the data has been encrypted by the ransomware actor. Or, if the data has been stolen to make it a data breach incident only.
  • It remains unclear if the attack targeted the US office, the India office, or both.

If this turns out to be a ransomware attack, we are looking at the possibility of healthcare data being dumped on a dark web forum. So, it makes sense to seek some clarity from Reventics to understand the true impact of this data security breach and whether this impacted both offices of the company.

The Ransomware operator, however, has not revealed more details about the type of cyber incident and the amount of personal data accessed by it.

At the time of writing this, we can see that the website of Reventics is working fine.

About Reventics

Reventics provides software to healthcare providers. It has two product offerings, RevCDI and RevMax. Both products have been designed to improve clinical documentation and revenue cycle management.

Reventics specializes in revenue enhancement and compliance improvement for healthcare providers.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.