25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Reinvestigation of 2019 Metro Presort Ransomware Attack Reveals PHI May Have Been Compromised

Posted By on Mar 16, 2021

The Portland, OR-based technology and communication solution provider Metro Presort suffered a ransomware attack on May 6, 2019 which resulted in the encryption of files and locked staff out of its systems. The ransomware attack was promptly identified and was contained by May 15, 2019 and the company was able to recover from the attack relatively quickly. An investigation into the attack found no evidence to suggest files were removed from its system, and since the company already encrypted customer data, the attackers would not have been able to access any sensitive information.

In October 2020, Metro Presort reinvestigated the attack and the secondary investigation was unable to confirm that files containing customer data were definitely encrypted before the attack. The invoices, statements, and spreadsheets that Metro presort processed for clients, including healthcare organizations, could potentially have been accessed. An analysis of those files confirmed they contained patient names, addresses, dates of birth, patient and health plan IDs or account numbers, appointment dates, treatment dates, and diagnoses and treatment codes, according to a substitute breach notice published on the Metro Presort website on November 24, 2020.

The incident has recently appeared on the HHS’ Office for Civil Rights website stating the PHI of up to 38,387 individuals may have been compromised. Metro Presort explained in its breach notice that the Department of Health and Human Services’ Office for Civil Rights investigated the breach, Metro Presort’s response, and its policies and procedures, and closed the case on December 31, 2020 after confirming no HIPAA violations had occurred.

“Both before and since this incident, MPI and has devoted considerable resources to maintaining and enhancing its data security, including implementation of the latest technical safeguards to prevent similar incidents, additional protections (encryption) of customer files, and security audits,” explained Metro Presort in its breach notice.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist