Bayhealth partner falls victim to ransomware attack

By Mike Finney
Posted 5/7/21

DOVER — Bayhealth announced on Friday that it was among numerous partners of CaptureRx — a San Antonio, Texas-based provider of administrative services to health care providers — …

Create an account for additional free stories

Thank you for visiting BayToBayNews. Unregistered visitors can read five stories per month. Registered visitors can read 10 free stories per month. Visit our sign-up page to register for your additional free stories.

Start a digital subscription today!

Subscribers can read unlimited stories for a special introductory rate of $5.99 a month.

Subscribers, please log in to continue

Bayhealth partner falls victim to ransomware attack


DOVER — Bayhealth announced on Friday that it was among numerous partners of CaptureRx — a San Antonio, Texas-based provider of administrative services to health care providers — that suffered a ransomware attack in which files containing the protected health information of customers’ patients were stolen.

“The privacy of our patients is paramount to our mission at Bayhealth,” officials from Bayhealth said in a statement. “Recently, CaptureRx, a Bayhealth partner, notified Bayhealth of a data breach at their organization that involved Bayhealth patients.

“CaptureRx will be notifying any Bayhealth patients if they were involved … As part of our ongoing commitment to our patients, we have required CaptureRx to notify us of the steps they are taking to ensure they are properly safeguarding Bayhealth patient information in the future.”

Bayhealth, which has a Kent County Hospital Campus in Dover and a Sussex County hospital campus in Milford, added that anyone with concerns can call the CaptureRx service line at 855-654-0919. The line is available Monday through Friday from 9 a.m. until 9 p.m.

The breach was detected on Feb. 19 following an investigation that confirmed unauthorized individuals had accessed and acquired files containing sensitive data on Feb. 6. A review of those files was completed on March 19 and affected health care provider clients were notified between March 30 and April 7.

It is unclear as to how many, if any, of Bayhealth’s patients might have been a part of the attack.

The website,, reported that during the attack, “cyber-criminals exfiltrated files containing the personal health information of more than 24,000 individuals.”

The CaptureRX investigation determined that the relevant files that were breached contained first name, last name, date of birth, prescription information and, for a limited number of patients, medical record numbers.

“Data privacy and security are among CaptureRx’s highest priorities, and there are extensive measures in place to protect information in CaptureRx’s care,” the administrative service provider said in a statement. “Upon learning of this incident, CaptureRx moved quickly to investigate and respond.

“This investigation and response included confirming the security of CaptureRx’s systems, reviewing the contents of the relevant files for sensitive information, and notifying covered entities associated with that sensitive information.

“As part of CaptureRx’s ongoing commitment to the security of information, all policies and procedures are being reviewed and enhanced and additional workforce training is being conducted to reduce the likelihood of a similar future event.”

The investigation into the breach being run by CaptureRx has not uncovered evidence that suggests any actual or attempted misuse of data stolen in the attack.

The company cautions that affected individuals have been advised to monitor their account and explanation of benefits statements for signs of fraudulent activity.