Healthcare Information Security

Latest Health Data Breaches News

Ransomware Attack on Florida’s FABEN OB-GYN Results in Data Loss

While the Florida-based specialist successfully leveraged back-ups to protect patient data and avoid paying the ransom, some protected health information was permanently lost.

ransomware attack in healthcare

By Jessica Davis

- Florida-based FABEN Obstetrics and Gynecology was hit with a ransomware attack in November, which encrypted server files and caused some data to be permanently lost.

On November 21, officials discovered a GandCrab ransomware infection on a server containing patient files from January 2007 through April 2017. The variant is spread through malvertising campaigns that direct users to a site infected with an exploit kit, then targets Adobe Flash or Windows VBScript engine vulnerabilities to install the malware.

GandCrab infected 50,000 systems in the first three weeks of the first quarter of 2018.

Upon discovery, officials said they deleted the infected files to mitigate the effects of the attack. FABEN stressed that data was not exfiltrated, accessed, nor sent from the infected server. Further, only data from January 2007 to April 2017 was impacted.

Officials were able to restore diagnoses and treatment information, such as patient visits, and labor and delivery from that timeframe.

The trouble is that while most patient records were backed up and restored, “certain records are not recoverable.” Those files included items that were manually scanned into the system by FABEN and some information from medical charts created between Sept. 11, 2014 and April 10, 2017, such as patient visits, and labor and delivery.

As a result, FABEN permanently lost files including blood sugar logs, blood pressure logs, Family and Medical Leave Act documentation, and medical records provided to the OB-GYN in paper form during that time period.

All 6,092 patients who visited FABEN from September 2014 and April 2017 are being notified.

“Receipt of this notification doesn’t necessarily mean that any of your records are compromised,” officials said in a statement. “However, there is a possibility that certain files concerning your care and information, as described above, were deleted and or compromised as a result of the ransomware.”

Officials recommended that those impacted patients maintain copies of all of their paper medical records. Further, many of the permanently lost files were actually brought in by the patient, so officials said those patients should consult with FABEN to determine what files are missing and can be replaced.

FABEN is still conducting its investigation and cooperating with law enforcement, while working with private security consultants.

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...