A Florida clinic providing specialized medical care for women has alerted all current and former patients that their personal information and medical records may have been exposed following a data breach.
North Florida OB-GYN, which joined Women's Care Florida on May 6, 2019, became aware that a cyber-attack had been waged against its network on July 27 of this year. The breach is thought to have taken place on or before April 29, 2019.
In a statement released on their website, North Florida OB-GYN wrote: "Shortly after becoming aware of the incident, North Florida OB-GYN completed a preliminary assessment, in consultation with third-party information technology consultants, and determined that there had been improper access to certain portions of its networked computer systems and that a computer virus had encrypted (made unreadable) certain files on its computer systems."
The assessment findings prompted the clinic to shut down its networked computer systems, initiate its incident response and recovery procedures, and notify the Federal Bureau of Investigation of the breach. The clinic has also launched a confidential forensic investigation into the cyber-incident.
Medical or personal information affected by the incident may have included name, demographic information, date of birth, Social Security number, driver’s license or identification card number, employment information, health insurance information, and health information, such as treatment, diagnosis, and related information and medical images.
The affected computer systems did not contain any credit or debit card or financial account information.
All 528,188 patients of North Florida OB-GYN have been contacted by letter and warned that their personal data may have been exposed.
In a statement released on their website, North Florida OB-GYN wrote: "There is no evidence to date that any unauthorized person has actually viewed, retrieved, or copied any medical or personal information."
The clinic has advised patients to remain vigilant by regularly reviewing their account statements, monitoring free credit reports, and reporting any suspicious activity to their financial institutions.
Virtually all of the encrypted files have now been recovered, and North Florida OB-GYN has taken actions to strengthen security safeguards for the affected systems and to prevent similar incidents.