PHI of Up to 3,634 Individuals Exposed at Vista Radiology Ransomware Attack
Vista Radiology located in Knoxville, TN has informed 3,634 patients regarding a ransomware attack encountered on July 11, 2021 which resulted in the shutdown of its system. A top-rated computer forensics company conducted a complete investigation of the cyberattack. And the preliminary investigation appeared to suggest the only objective of the attack was to encrypt its data, and that there was no exfiltration of data involved. Nevertheless, Vista Radiology was notified on July 15 that several proofs were found that files or folders comprising patient information were accessed and viewed.
The investigation affirmed that the attacker encrypted the files and a subsection of those files was accessed prior to encryption. The files that had been viewed merely included some patient information and no substantial amount of data were exfiltrated by the attackers. It wasn’t possible to know if the protected health information (PHI) of any particular patients were viewed, thus notification letters were dispatched to all patients potentially affected by the cyber attack. The investigation showed that PHI wasn’t acquired or taken advantage of.
Vista Radiology said the encrypted records had been backed up and can be retrieved and that it did not pay the malicious third party. Action has since been done to enhance the security of its network environment, which included a full rebuild and revamp of network security. All impacted persons were informed and given 12-months of identity and credit monitoring services at no cost.
Indian Creek Foundation Breach Impacts 2,405 Individuals
Indian Creek Foundation has informed 2,405 patients regarding a ransomware attack that happened on February 6, 2021. Action was quickly undertaken to control the attack and independent computer forensics professionals looked into the security breach.
The investigation affirmed the potential exfiltration of some files and folders from its systems before the deployment of ransomware for file encryption. Around April 15, 2021, a programmatic and manual evaluation of all impacted files was done to find out which individuals were impacted and what information was affected. It was affirmed around July 14 that patient was found in breached files and directories. Verification of patients’ contact information was finished on August 24. The foundation sent notification letters to all impacted patients.
The information possibly accessed or exfiltrated by the attackers contained names, driver’s license number, Social Security number, medical insurance data, medical treatment/diagnosis details, and financial account data. Free membership to credit monitoring and identity restoration services were given to those persons.
Indian Creek Foundation stated guidelines and procedures were evaluated and kept up to date and more safety measures were enforced to minimize the chance of the same events down the road.