- On February 6, 2017, ABCD Pediatrics discovered a virus had gained access to the healthcare organization’s servers and encrypted patient data.
The Texas-based pediatric facility immediately contacted IT personnel to take all servers offline for analysis. Experts determined the virus to be a Dharma Ransomware attack.
Given the nature of the particular virus, experts maintain it is possible but unlikely any patient information has been removed from the server.
ABCD also discovered evidence in its investigation suggesting user accounts may have been accessed through ABCD’s network.
Potentially impacted patient information includes names, addresses, phone numbers, dates of birth, Social Security numbers, insurance billing information, medical records, and lab reports.
The OCR data breach reporting tool states that potentially 55,447 patients may have had their information accessed.
The pediatric facility has since successfully eradicated the virus and all corrupted data from its servers. All secure backup databases were unharmed in the incident and have been used to restore impacted data.
“Also, please note that ABCD never received any ransom demands or other communications from unknown persons,” ABCD stated. “However, ABCD remains concerned because it discovered user logs indicating that computer programs or persons may have been on the server for a limited period of time.”
The organization maintains no PHI was lost or destroyed in the incident.
ABCD has since implemented upgraded cyber security monitoring to mitigate future incidents and set up a call center for concerned patients.
Inadvertent email potentially impacts over 6K patients
On March 3, 2017, Saliba’s Extended Care Pharmacy issued a statement notifying patients of an incident in which invoices were inadvertently emailed to the wrong patients.
The email was for December 2016 invoices and contained patient names, addresses, account balances, and possibly prescription information.
“We take this incident, and the privacy and security of our patients’ information, very seriously,” Saliba Extended Care Pharmacy President John Saliba said in a public statement. “We terminated the employee that committed this error, have provided staff with additional training, and reviewed our policies and procedures to better protect against an event like this from happening again.”
The invoices, which contained the information of 6,599 patients according to the OCR data breach reporting tool, were sent to three known Saliba’s Pharmacy patients or their representatives.
Saliba’s Pharmacy maintains there is no evidence suggesting any patient information has been misused, and emphasized none of the invoices contained Social Security numbers, financial information, or insurance information.
Computers containing patient data stolen from PA orthodontics facility
Rich Orthodontics recently announced that it was burglarized on February 14, 2017 and that a laptop and two desktop computers were stolen.
While the stolen computers contained new patient forms and medical history update forms, the organization stated all computers were password protected.
No electronic dental records were accessed as Rich Orthodontics stores these files in a secure offsite portal.
Potentially impacted patient forms contained information including patient names, addresses, phone numbers, dates of birth, Social Security numbers, insurance information, and email addresses.
The incident potentially impacted 960 patients, according to the OCR data breach reporting tool.
Local law enforcement have been notified of the incident and Rich Orthodontics maintained there was no evidence any patient information was accessed or misused in any way.