Share this article on:
Southeastern Minnesota Oral & Maxillofacial Surgery (SEMOMS) has announced it has been attacked with ransomware and that the protected health information of up to 80,000 patients was potentially compromised in the attack.
The attack was detected on September 23, 2019. The IT team responded and isolated the affected server and took steps to restore the encrypted data. It is unclear whether the ransom was paid or if the IT team was able to restore the server from backups.
Assisted by computer forensics experts, SEMOMS determined that the affected server contained names and X-ray images and that the server had been accessed by an unauthorized individual. No evidence was uncovered to suggest any patient information was accessed or exfiltrated by the attackers, but the possibility of unauthorized ePHI access and data theft could not be discounted. Consequently, notification letters have been sent to all individuals whose protected health information was potentially compromised.
Healthcare Administrative Partners Phishing Attack Impacts 17,693 Patients
Healthcare Administrative Partners (HAP), a Media, PA-based provider of medical billing and coding services to healthcare organizations, has discovered the email account of one of its employees was accessed by an unauthorized individual following a response to a phishing email.
The phishing attack was detected on June 26, 2019 when suspicious activity was identified in the employee’s email account. On September 26, 2019, HAP determined that the protected health information of certain clients was present in the email account.
A third-party computer forensics firm was engaged to assist with the breach investigation. It was not possible to determine whether emails and email attachments containing ePHI had been accessed, but the possibility could not be ruled out.
The account contained patients’ names, addresses, dates of birth, medical record numbers, physicians’ names, prescriptions, medical diagnoses, and limited treatment information. HAP notified all affected providers on October 4, 2019.
Steps have now been taken to improve email security. All passwords for email were reset, all external emails are now labelled as external, employees are being provided with additional security awareness training, and mailbox size restrictions and email archiving have been implemented to reduce data exposure in the event of a further attack. HAP is also investigating multi-factor authentication options.
Elizabeth Family Health Notifies 28,375 Patients About Data Exposure
The Elizabeth, CO-based healthcare provider, Elizabeth Family Health, is notifying 28,375 patients that some of their protected health information has been exposed.
On September 23, 2019, Elizabeth Family Health suffered a break-in and its facilities were vandalized. The perpetrator removed several items from its facilities, including server backup tape cartridges. Those cartridges contained the protected health information of patients, including names, demographic information, and Social Security numbers.
Elizabeth Family Health has not received any reports of misuse of patient information but has mailed affected individuals as a precaution and has provided information on the steps that can be taken to prevent their personal information from being misused.