Three healthcare providers in Florida, Georgia, and New York are notifying patients that their protected health information may have been exposed in recent cyber-attacks involving ransoms.
Warnings went out to patients of Advanced Urgent Care of the Florida Keys on November 6 regarding a ransomware attack that took place on March 1, 2020.
According to a breach notice issued by the medical center, patient data was compromised when attackers encrypted files on a backup drive.
Information exposed in the incident included names, dates of birth, health insurance information, medical treatment information, medical diagnostic information, lab results, medical record numbers, Medicare or Medicaid beneficiary numbers, medical billing information, bank account information, credit or debit card information, CHAMPUS ID numbers, Military and/or Veterans Administration numbers, driver’s license numbers, signatures, and Social Security numbers.
In Katonah, New York, a September 1 ransomware attack on Four Winds Hospital locked staff out of computer systems for a fortnight.
Cybersecurity experts hired to determine the scope and impact of the attack discovered that password-protected files had been accessed and patient lists dating from 1983 to the present day could potentially have been compromised.
Information on the lists included names, medical record numbers, and Social Security numbers. Four Winds has not yet disclosed how many patients may have been impacted.
A breach notice issued by Four Winds Hospital stated that the investigators "obtained evidence that the cybercriminals deleted any files in their possession, although that evidence cannot be independently verified.”
The hospital said it has "taken steps to prevent a reoccurrence."
Unusually, a ransom was demanded of Galstan & Ward Family and Cosmetic Dentistry in Suwanee, Georgia, over the phone by a caller who said that the practice's server had been infected with a computer virus.
Galstan & Ward had previously arranged for a third-party vendor to wipe the server in question and restore its data from a backup after detecting suspicious activity.
On September 11, 2020, the practice discovered that some files had been stolen and published on the dark web. No patient information was contained within these files, though patients were notified out of an abundance of caution.