OSU Data Breach Impacts Veterans, More Ransomware Attacks

June 24, 2021 - Ohio State University’s (OSU) Veterans Neuromodulation Operation Wellness (NOW) pilot program was compromised earlier this year prior to the program shutting down permanently, according to a report from NBC4 Investigates.

The Veterans NOW program was intended to treat veterans with PTSD, substance abuse, and other mental conditions without the use of medication. The program’s lead doctor, Marcia Bockbrader, MD, PhD, was placed on leave in March and the program closed for a week. Its return was short-lived, and the program officially halted on June 15th.

Air Force veteran Thomas Paschal shared a letter he received from Ohio State University Wexner Medical Center’s Office of Compliance and Integrity with NBC4 Investigates explaining that information had been compromised.

The letter was received on June 14th and stated that OSU learned about the breach on April 27th. The breach occurred sometime between January 25th and March 4th, right before the program was discontinued. Public records indicate that the program was paused following non-compliance issues.

It is unclear how many patients were impacted by the breach, but the letter stated that addresses, Social Security numbers, and medical history information was accessed without authorization, and all affected patients have been notified.

IOWA EYE CLINIC BREACH MAY HAVE EXPOSED PII OF HALF A MILLION PATIENTS

Wolfe Eye Clinic, which has over 20 locations in Iowa, fell victim to a cyberattack on February 8th that may have leaked up to 500,000 patients’ personally identifiable information (PII). According to a statement on the clinic’s website, the full scope of the breach was not realized until May 28th.

“Upon detecting this incident, we moved quickly to secure our network environment and launched a thorough investigation,” the statement said.

“The investigation was performed with the help of independent IT security and forensic investigators to determine the scope and extent of the potential unauthorized access to our systems and any sensitive information.”

The clinic concluded its investigation on June 8th after confirming that names, mailing addresses, birthdates, and Social Security numbers were accessed by a third-party entity. In addition, protected health information (PHI) was leaked in some cases.

“We take the security of all information in our control very seriously. Given this, we are taking steps to prevent a similar event from occurring in the future by implementing additional safeguards and enhanced security measures to better protect the privacy and security of information in our systems,” the statement continued.

Wolfe Eye Clinic will provide patients with twelve months of identity monitoring through IDX to ease concerns. Both current and former patients were impacted, but the notice does not disclose how many individuals were affected.

MISSISSIPPI CENTER FOR ADVANCED MEDICINE FACES RANSOMWARE ATTACK

Mississippi Center for Advanced Medicine (MCAM) announced Wednesday it was impacted by a ransomware attack in December 2020. The breach allowed unauthorized access to MCAM’s internal server and potentially PII and PHI of its patients.

According to WJTV, the server contained documents regarding MCAM’s services and programs, and some files may have contained PII and PHI. MCAM was notified by an IT consulting company on April 26th that the breach had occurred.

A letter posted to MCAM’s website stated that “all of the affected files have been fully secured and we are working diligently through the notification process.”

Information exposed may have included: names, email addresses, home addresses, phone numbers, birthdates, Social Security numbers, prescription information, insurance information, prescribing doctors, and medical history.

“We have personnel dedicated to investigating this matter to identify precisely the types of information that may have been accessed and the identity of the persons whose information may have been accessed,” the statement continued.

“Our server was secured by a network security company and this breach occurred despite the fact MCAM had in place security measures that were industry standard at the time. Since the incident, we have instituted additional security measures.”

The letter reiterated that MCAM has “no reason to believe that your information will be used by the ransomware attackers but we want to make sure that each of you know of our response to the incident.”

Officials directed patients to online credit monitoring services and fraud alerts and encouraged using caution when clicking on links and downloading attachments.