Impact of Elekta Ransomware Attack on Advocate Aurora Health, Jefferson Health, and Intermountain Healthcare Confirmed

Another three healthcare providers made an announcement that they were affected by the recent ransomware attack on Elekta Inc, the Swedish radiation therapy and radiosurgery solution provider.

Elekta has a cloud-based mobile app known as SmartClinic, which healthcare companies use to access patient information for treating cancer. Cybercriminals acquired access to Elekta’s network between April 2, 2021 and April 20, 2021 duplicated the SmartClinic database before deploying ransomware and encrypting data files. The database comprised the personal data and protected health information (PHI) of patients associated with 42 healthcare systems in America. Elekta informed impacted clients last May 2021.

Advocate Aurora Health has lately reported that 68,000 of its patients from 7 sites in Illinois were affected by the ransomware attack. The ransomware group obtained these types of PHI: names, addresses, birth dates, weight and height measurements, driver’s license numbers, Social Security numbers, diagnosis data, treatment details, and appointment confirmations.

Advocate Aurora Health stated there was no proof found that indicates the misuse of information acquired from the attack, nevertheless free fraud consultation, credit monitoring, and identity theft restoration services were provided to impacted people as a safety measure. Advocate Aurora Health stated it is working together with Elekta to make sure that steps are done to avoid the same events later on.

Jefferson Health based in Philadelphia, PA stated that the database included the PHI of cancer patients who went to Sidney Kimmel Cancer Center to obtain treatment. The compromised PHI included patient names, dates of birth, physician names, medical record numbers, department, date(s) of service, diagnosis and/or prescription details, and treatment plans. For a few patients, a Social Security number was likewise breached. Patients are being advised via mail and were given free credit monitoring and identity theft protection services. As per Jefferson Health, it is currently re-assessing its partnership with Elekta. Jefferson Health has not yet mentioned the number of patients impacted.

Intermountain Healthcare based in Salt Lake City, UT mentioned patient names and scanned picture files were possibly compromised. The photo files had information like medical intake forms and medical photos, which might have contained birth dates, demographic data, insurance cards, other ID cards, and Social Security numbers. Intermountain Healthcare is working with Elekta to enforce extra safety measures, which include migrating its information to a new-generation Elekta web system. The 28,628 patients affected by the incident got free credit monitoring services.

About Christine Garcia 1310 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at