Communicare Data Confirms Breach After Ransomware Attack

On Nov. 23, 2024, Inlet Health dba Communicare, discovered unauthorized activity on its network. The incident was quickly investigated and determined to be a ransomware attack carried out by the DAIXIN Team, a known cybercriminal group.

The attackers gained access to Communicare’s systems for a short period on Nov. 23, 2024, and acquired sensitive data without authorization. The breach was significant in scope, affecting 3,771 individuals in the United States.

The compromised information includes a wide range of sensitive data: personally identifiable information (PII) such as Social Security numbers, dates of birth, driver’s license numbers, state-issued identification numbers, passport numbers, and military identification numbers, as well as financial account information. Additionally, protected health information (PHI) was exposed, including medical information and health insurance details.

The DAIXIN Team claimed responsibility for the attack and announced their intent to publish the stolen data on the dark web. This claim was posted on a dark web forum on Dec. 3, 2024, further raising concerns about the potential misuse of the exposed information. The breach was officially reported to the U.S. Department of Health and Human Services on Jan. 22, 2025.

Communicare's response

Upon discovering the breach, Communicare immediately secured its systems and launched a thorough investigation to determine the extent of the compromise. The organization notified federal law enforcement and regulatory authorities, and it began reviewing and strengthening its cybersecurity policies to prevent similar incidents in the future. Communicare has also provided a dedicated assistance line for affected individuals at 877-258-5138, available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time, excluding U.S. holidays.

Given the nature of the breach and the types of information exposed, Communicare recommends that affected individuals remain vigilant against identity theft and fraud. They encourage individuals to regularly review account statements and monitor their credit reports for suspicious activity. Affected persons are also advised to consider placing a fraud alert or credit freeze with the major credit bureaus—Equifax, Experian, and TransUnion—to help protect against unauthorized use of their information.

For further resources and detailed steps on protecting personal information, individuals can consult the Federal Trade Commission at identitytheft.gov.