Phishing Attack Announced by Adventist Health Sonora and Update on Great Plains Health Ransomware Attack

Adventist Health Sonora in California suffered unauthorized access by a person to a hospital associate’s email account causing the likely compromise of patient data.

Adventist Health Sonora’s information security team discovered the email account compromise on September 30, 2019. Prompt measures were done to keep the breached Office 365 account safe. Adventist Health Sonora had the breach looked into to find out its magnitude.

The investigators affirmed that there was suspicious access to the Office 365 email account after the response of employees to a phishing email. But it was a singled out occurrence. Other email accounts or systems were not impacted.

The intent behind the attack appears to be the rerouting of invoice payments and swindling of the hospital and its vendors, instead of to obtain sensitive patient data.

As stated by Adventist Health Sonora, the detailed review of the impacted account on October 14, 2019 revealed that the email account comprised the protected health information (PHI) of 2,653 patients. The types of data compromised included names, medical record numbers, birth dates, medical insurance data, hospital account numbers, and medical data linked to the services offered at the hospital.

There is no proof found that indicates the attacker acquired patient data. However, to ensure the safety of the impacted patients, Adventist Health Sonora dispatched notification letters and provided free identity theft protection services for a year.

80% Data Recovery After Great Plains Health November 2019 Ransomware Attack
Great Plains Health based in North Platte, NE suffered a ransomware attack in November 2019 that resulted in the encryption of its network. The provider made the decision not to pay off the ransom and fixed the systems using backup data. It was a labor-intensive and meticulous procedure, yet hospital officers reported that it’s currently 80% done.

Patient system restoration was given priority and was recovered to start with. Critical patient systems were recovered in two weeks. The staff worked twenty-four hours a day to make sure the recovery of the systems in fast. All through the attack and restoration procedure, patients continued to obtain healthcare services and they weren’t refused or rerouted to other medical amenities.

Hospital officers have now announced that all-important IT networks are currently back working. The ransomware attack had no impact on any of the patient care services. Only the archives require restoration, which consist of data that the hospital rarely|seldom} use.

About Christine Garcia 1299 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at