HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Wood Ranch Medical Announces Permanent Closure Due to Ransomware Attack

Another healthcare provider has announced it will be permanently closing its doors as a direct result of a ransomware attack. The devastating attack occurred at Wood Ranch Medical in Simi Valley, CA, which recently announced that the practice will permanently close on December 17, 2019.

The attack occurred on August 10, 2019 and resulted in its servers being infected with ransomware. The attack caused widespread file encryption and prevented medical records from being accessed. The extent of the attack was such that computer systems were permanently damaged making file recovery impossible. The practice had created backups of patient records, but those backups were also encrypted and could not be used to restore patient data.

Ransomware attacks are usually conducted with the sole purpose of extorting money. Files are encrypted and a ransom demand is issued. If the ransom is not paid, files remain permanently encrypted. Payment of the ransom comes with no guarantee that file recovery will be possible and encourages further attacks. For these reasons the FBI recommends ransom payments are never made.

In this case, the practice believes that the sole aim of the attack was to obtain payment and no patient records are believed to have been accessed by the attackers or downloaded from its servers. Nonetheless, affected patients have been advised to exercise caution and monitor their credit reports and explanation of benefits statements for any sign of fraudulent activity. The types of information potentially compromised included names, addresses, dates of birth, health information, and health insurance information.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Wood Ranch Medical’s website now only displays the substitute breach notice, as operations are wound down. “WRM takes the protection of its patients’ information seriously and sincerely apologizes for any inconvenience this incident may cause.” The incident affects 5,835 patients, all of whom have been sent notification letters by mail. Over the next two months, the practice will be working with patients to help them find alternative medical practitioners in the area who will be able to serve their healthcare needs.

This incident highlights the catastrophic consequences of ransomware attacks. In this case the attack has not only forced a practice to close and made staff unemployed, it has also caused considerable disruption for patients and the permanent loss of their health records.

This is not the first practice that has been forced to shut down as a result of a ransomware attack and it is unlikely to be the last. Earlier this year, Brookside ENT and Hearing Center in Battle Creek, MI similarly experienced a ransomware attack that permanently encrypted patient records. Its owners took the decision to close the business and take early retirement rather than rebuild the practice from scratch.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.