Share this article on:
Wolfe Eye Clinic, an operator of a network of eye health clinics throughout Iowa, has announced it was the victim of a ransomware attack on February 8, 2021. Hackers gained access to its systems and used ransomware to encrypt files. A ransom demand was issued for the keys to decrypt files, but the clinic refused to pay and opted to recover files from backups. As is now common in ransomware attacks, prior to file encryption the attackers exfiltrated data from Wolfe Eye Clinic systems.
Wolfe Eye Clinic explained in its substitute breach notification letter that immediate action was taken to secure its network environment and independent IT security and forensic investigators were engaged to determine the scope and extent of the security breach. Due to the scale and complexity of the attack, it took until May 28, 2021 for the full scope of the security breach to be determined and to identify the information compromised in the attack.
The forensic investigation concluded on June 8, 2021, when it was confirmed the attackers accessed and exfiltrated the data of current and former patients. The stolen protected health information included names, addresses, birth dates, Social Security numbers and, for some individuals, medical and health information.
Notification letters have started to be mailed to affected individuals and complimentary identity theft protection and credit monitoring services are being offered for 12 months through IDX. Wolfe Eye Clinic said it is implementing additional safeguards to prevent further attacks.
The attackers appear to have exfiltrated a large amount of data. KCCI Des Moines has reported the incident as affecting approximately 500,000 individuals, making this one of the most extensive ransomware attacks on a single healthcare provider to have been reported this year.