- Connecticut-based optometrists Dr. Thomas DeLuca, Dr. Anthony Marciano & Associates recently began notifying about 23,578 patients that their personal data was potentially breached during a ransomware attack.
On November 29, the eye specialist discovered a ransomware attack on its servers. Officials said they immediately acted to stop the cyberattack from proliferating. Further, they were able to restore the network using clean backup files, over the course of three days, the eye specialist told local news outlet Citizen’s News.
Offline, segmented backups are crucial to reducing downtime and ensuring data restoration.
The office’s 25 computers became unresponsive during the attack. However, officials did not pay the $4,000 ransom, as the IT team said the hackers would just freeze the servers again.
“I had good security, I have a good company, I don’t know how it got through,” Deluca told Citizen’s News.
An investigation into the event determined the ransomware infected two servers containing patient files – including personal data, such as patient names, Social Security numbers, and limited treatment information. The IRS contacted the office last week out of concern the data could be used for fraudulent tax returns.
In response to the ransomware, the optometrist office closed all remote access the network, installed enhanced anti-virus software, and implemented ransomware protection. Further, the office was able to leverage its cyber insurance to help with costs associated with breach notifications.
All patients will be provided a year of free credit monitoring and identity theft protection.
“At this time, we are not aware of any attempted or actual misuse of anyone’s information as a result of the incident,” officials said in a statement. “However, we’ve sent notification letters to potentially impacted individuals out of an abundance of caution to notify them of this incident and to provide resources to assist them.”
While many sectors have seen ransomware decline in the last year, healthcare continues to be a prime target for these types of attacks – especially through remote access by the notorious SamSam variant. In fact, several health providers reported data breaches from ransomware in recent months, including FABEN OB-GYN, Podiatric Offices of Bobby Yee, and Mind and Motion, among others.