HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Phishing Attack Reported by Adventist Health Sonora

Adventist Health Sonora in California has discovered an unauthorized individual has gained access to the email account of a hospital associate and potentially viewed patient information.

The email account breach was detected by Adventist Health Sonora’s information security team on September 30, 2019. Immediate action was taken to secure the compromised Office 365 account and an investigation was launched to determine the extent of the breach.

The investigation confirmed that access to the Office 365 account was gained following a response to a phishing email and that it was an isolated incident. No other email accounts or systems were affected.

The purpose of the attack appears to have been to redirect invoice payments and defraud the hospital and its vendors, rather than to obtain sensitive patient information.

According to Adventist Health Sonora, a comprehensive review of the affected account revealed on October 14, 2019 that the account contained the protected health information of 2,653 patients. The types of information exposed included names, dates of birth, medical record numbers, health insurance information, hospital account numbers, and medical information related to the care provided at the hospital.

No evidence was uncovered to suggest any patient information was acquired by the attacker but, out of an abundance of caution, affected patients have been notified and offered complimentary identity theft protection services for 12 months.

Great Plains Health Has Recovered 80% of Systems Impacted by November 2019 Ransomware Attack

Great Plains Health in North Platte, NE, experienced a ransomware attack in November 2019 which saw its network encrypted. The decision was taken not to pay the ransom and instead to restore systems from backups. It has been a time-consuming and painstaking process, but hospital officials have announced that the process is now 80% completed.

Restoration of systems was prioritized with the most important patient systems restored first. It took two weeks for critical patient systems to be recovered. Members of staff worked round the clock to ensure systems were restored in the shortest possible time frame. Throughout the attack and recovery process patients continued to receive medical services and no patients were turned away or redirected to other healthcare facilities.

Hospital officials have now announced that all major IT systems have now been brought back online and the ransomware attack is no longer having any impact on any kind of patient care. Only archives now need to be restored, which contain information rarely used by the hospital.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.