Cyber Incident Victim: Mscripts, LLC
Date:
Jan 2023
Location:
United States of America
Summary
Mscripts, LLC, a Cardinal Health subsidiary providing prescription management software, experienced a data breach involving unauthorized access to a network server, potentially exposing protected health information of 66,372 individuals. The incident, reported to federal health authorities, likely compromised sensitive patient data such as medical histories and insurance details due to the breach's reporting requirements. The company notified affected consumers following an internal review of the compromised files but did not publicly disclose specific data types involved.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 17, 2023, mscripts, LLC, a San Francisco-based software subsidiary of Cardinal Health, reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) involving unauthorized access to consumer information stored on a network server. The company determined that an unauthorized party gained access to confidential data, prompting an internal review of compromised files to identify impacted individuals and the specific types of exposed information. While mscripts did not publicly disclose the exact data categories involved, the breach notification to HHS-OCR indicated the incident likely compromised protected health information (PHI), as such breaches require mandatory reporting to the agency. PHI encompasses demographic details, medical histories, insurance information, laboratory results, mental health records, and other treatment-related data collected by healthcare providers. Neither mscripts nor Cardinal Health published breach notifications on their websites, leaving the HHS-OCR filing as the primary source of information, which confirmed the incident stemmed from "unauthorized access or disclosure" on a network server. The breach affected 66,372 individuals, according to the HHS-OCR report.
Following its investigation, mscripts initiated data breach notification letters to all affected consumers on January 17, 2023, advising them of the exposure of their sensitive information. The company’s app, which enables prescription refills and real-time medication tracking for pharmacy customers, processes PHI as part of its core functionality, though the breach notification did not specify whether app systems or backend servers were directly implicated. Mscripts, with approximately 73 employees and $15 million in annual revenue, operates under Cardinal Health, a healthcare services conglomerate generating $176 billion annually and employing over 46,000 people. The incident highlighted risks to PHI maintained by third-party healthcare technology vendors, though no further technical details regarding the breach’s origin, duration, or containment measures were disclosed by the involved entities. The breach’s impact was confined to unauthorized data access, with no reported evidence of misuse at the time of notification.