Ransomware Attack on New York Medical Group Impacts 330K Patients

The New York medical group practice, Orthopedic Associates of Dutchess County, has announced the protected health information of certain patients was potentially stolen in a recent cyberattack.

The security incident was detected on March 5, 2021 when suspicious activity was identified in its systems. An investigation into the incident confirmed its systems had been accessed by unauthorized individuals on or around March 1, 2021. The attackers gained access to certain systems and encrypted files and issued a ransom demand for the keys to unlock the encrypted files.

The attackers claimed they had stolen sensitive data prior to the encryption of files, although it was not possible to determine which files had been stolen. A review of the systems accessed by the attackers revealed they contained files that included protected health information such as names, addresses, contact telephone numbers, email addresses, emergency contact information, diagnoses, treatment information, medical record numbers, health insurance information, payment details, dates of birth, and Social Security numbers.

Individuals potentially affected by the breach have been notified by mail and have been offered a 12- month complimentary membership to credit monitoring and identity theft protection services. To date, there have been no reports of attempted or actual misuse of any patient data.

The protected health information of 331,376 individuals was potentially compromised in the attack.

PHI of 5,426 Individuals Compromised in Entrust Medical Billing Ransomware Attack

Entrust Medical Billing, a Canton, OH-based medical billing company, has suffered a ransomware attack in which the protected health information of 5,426 individuals may have been compromised.

Third-party cybersecurity professionals were engaged to assist with the investigation and determine the extent of the breach. On or around March 1, 2021, the investigation confirmed some of the files exfiltrated by the attackers contained protected health information such as names, addresses, dates of birth, medical diagnosis/clinical information/treatment type or location, medical procedure information, patient account number, and health insurance information.

While data theft was confirmed, no evidence has been found to indicate actual or attempted misuse of any of the stolen data. Affected individuals have now been notified and those whose Social Security number has been compromised have been offered complimentary credit monitoring services. New technical safeguards have now been implemented and monitoring across its network environment has been increased.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.