HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

700,000 Patients Affected by Yuma Regional Medical Center Ransomware Attack

Yuma Regional Medical Center (YRMC) in Arizona has announced it was the victim of a ransomware attack in April in which the attackers obtained the protected health information (PHI) of 737,448 current and former patients.

According to the recent YRMC announcement, the attack was detected on April 25, 2022, which affected some of its IT systems. YRMC said immediate action was taken to contain the attack, and systems were taken offline to prevent further unauthorized access. Law enforcement was notified, and a third-party computer forensics firm was engaged to assist with the investigation and determine the nature and scope of the attack. The investigation confirmed that the attackers gained access to its systems between April 21 and April 25, 2022, and, prior to file encryption, a subset of files were exfiltrated from its systems.

YRMC said it is working with security experts to bring its systems back online as quickly as possible. Throughout the attack, its facilities remained open and operated using established backup processes and downtime procedures, which did result in some delays to certain services; however, most scheduled services continued as scheduled.

Notification letters have recently been sent to affected individuals. YRMC said the files exfiltrated from its systems included names, Social Security numbers, health insurance information, and limited medical information. YRMC said its electronic medical record system was not accessed. The affected individuals included current and former patients in Yuma County on individuals working in Yuma County on a short-term or seasonable basis.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Steps have been taken to improve security to prevent further attacks and affected individuals have been offered complimentary credit monitoring and identity theft protection services. Ransomware attacks often result in the exposure of stolen data if the ransom is not paid. It is unclear in this case if payment was made. No ransomware threat group appears to have claimed responsibility for the attack.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.