Share this article on:
Somersworth, New Hampshire-based Atlantic Digestive Specialists is one of the latest healthcare organizations to report a ransomware attack that has potentially resulted in the protected health information of patients being accessed.
The ransomware attack was discovered on February 20, 2017 although a subsequent investigation revealed that the ransomware was installed on February 18. The infection took two days to resolve, during which time access to certain computer systems was limited. All traces of the ransomware were removed from its systems by February 22, 2017.
Atlantic Digestive Specialists hired a third-party cybersecurity firm to conduct a thorough investigation of the attack to determine how the infection occurred, the extent of the attack, and which files were potentially accessed by the attackers.
The investigation revealed files containing patients’ names, addresses, telephone numbers, medical record numbers, clinical and diagnostic information, health insurance details, and in some cases, Social Security numbers were encrypted.
The investigation uncovered no evidence to suggest any sensitive data were accessed or stolen by the attackers, and no reports have been received to suggest any patients’ protected health information has been misused. Since the possibility of data theft could not be ruled out with a high degree of certainty, all affected patients have been advised to be vigilant for signs of fraudulent activity. Out of an abundance of caution, patients have been offered credit monitoring services to protect them against identity theft and fraud.
Over the past few weeks, several small healthcare practices have been attacked with ransomware. While in most cases data have been recovered from backups and no ransom has been paid, the attacks have resulted in considerable disruption and sizable breach resolution costs.
Regular backups of data should be performed to ensure no ransom needs to be paid in the event of an attack and small healthcare organizations should consider augmenting their defenses against ransomware.
Since the majority of ransomware attacks occur via email, staff should be advised to exercise caution and not to open any email attachments from unknown senders, never to enable macros on emailed office documents, and to be wary of hyperlinks sent via email..
Information on how HIPAA Rules apply to ransomware attacks is available from the Department of Health and Human Services on this link.