// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / NationsBenefits
Breach Record

NationsBenefits

DISCLOSED 2023-01-30 · UNPATCHED CVE · 489,000 RECORDS EXPOSED

NationsBenefits reported that 489,000 patients had their personal and protected health information stolen in the Fortra GoAnywhere MFT breach. The Cl0p ransomware group exploited a zero-day vulnerability in the file transfer software. The breach occurred on January 30, 2023, and was disclosed in a filing with the Maine Attorney General.

The record

What we know

Disclosed
2023-01-30
Attack vector
Unpatched Cve
Sector
healthcare
Country
US
Records exposed
489,000
Domain
nationsbenefits.com
Data classes exposed
personal informationprotected health information
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

The breach involved exploitation of a zero-day in a managed file transfer server, not an endpoint. A positive-security model on endpoints would not have prevented this server-side attack.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other unpatched cve breaches on file

This page is the permanent ColdRecon entry for the NationsBenefits disclosure. It updates if new public reporting emerges. All tracked breaches →

NationsBenefits just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →