EmergeOrtho & General Health System Suffer Ransomware Attacks

EmergeOrtho, an orthopedic practice in North Carolina, has just informed 75,200 patients that unauthorized individuals accessed some of their protected health information (PHI). As per the substitute breach notice posted by EmergeOrtho, the practice detected and blocked an advanced ransomware attack on May 18, 2022. The forensic investigation affirmed that the files accessed by the threat actors contained the PHI of patients.

On August 19, 2022, an extensive analysis of all impacted files affirmed that they held data including first and last names, Social Security numbers, addresses, and, for selected persons, birth dates. The attack did not compromise any medical records, treatment data, or financial data. There was no evidence found that indicates the misuse of any of the breached information.

EmergeOrtho stated that top-rated IT experts confirmed the safety of its network system. It will continue to take steps to improve the safety of its systems. More monitoring resources were used to proactively discover any future attempted attacks. EmergeOrtho has provided impacted individuals with a free single bureau credit monitoring services membership.

General Health System Informs Patients Regarding Ransomware Attack and Stolen Data

General Health System based in Baton Rouge, LA, which manages Baton Rouge General Medical Center, has lately announced that unauthorized persons acquired access to its system and extracted files that contain patient information. The forensic investigation affirmed that the threat actors got access to its system and the files inside a number of directories from June 24, 2022 to June 29, 2022. The provider detected the cyberattack on June 28, 2022.

General Health System announced the ongoing investigation of the attack. An extensive analysis is being performed of all files inside the directories that may have been viewed. At this period, the degree to which patient information was affected is not yet confirmed. It is presently uncertain how many people were impacted. Notification letters will be mailed as soon as that process is done.

The attack disrupted some operations, and although the provider still provides patient care, ambulances were rerouted to other centers. General Health System didn’t give information on the cause of the attack; nevertheless, the Hive ransomware gang has professed to be behind the attack and has begun to post a portion of the stolen information to its leak website, which indicates Baton Rouge did not pay the ransom.

About Christine Garcia 1304 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA