Cyberattacks on NCH Healthcare System and Ohio Eye Care Provider

A phishing attack on NCH Healthcare System in Naples, FL resulted in the exposure of patient information. NCH Healthcare knew about the suspicious activities on its payroll system on June 14, 2019. A third-party computer forensics crew analyzed the situation and confirmed that certain employees’ email accounts had been breached because of responding to the phishing emails.

It’s likely that the messages and attachments in the compromised accounts contained patient data that the attackers have accessed or copied. NCH already advised the patients about the breach and cautioned them to watch their financial statements for probable fraudulent transactions.

The exact number of patients affected by the ransomware attack is still not certain.

Eye Care Associates Ransomware Attack

A ransomware attack on Eye Care Associates, an eye care provider in northeast Ohio, in late July made the provider’s computer systems inaccessible and remained so even two weeks after the attack.

Eye Care Associates Director of Operations, Mary Jo Silva, said that they discovered the ransomware attack on July 28, 2019 and let the Beaver Township Police Department and the board know about the ransomware attack.

The attackers sent a ransom letter however there was no specified amount. Silva said that they did not get in touch with the attackers regarding the ransom amount nor paid the ransom. Eye Care Associates is trying to recover all encrypted data files using backup files with the help of the file storage service provider. It is hoped that systems will be back online in a couple of days. The investigators of the incident reported there was no evidence that patient data was stolen. The Business Journal likewise noted that email was planned to start the ransomware attack.

The attack brought about a serious interruption of hospital operations. It was not possible for two weeks to schedule new appointments since the appointment system was inaccessible. The hospital personnel just use paper documents when treating patients.

About Christine Garcia 1297 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA