Family Medical Center of Michigan (FMC) located in Temperance, MI has advised 21,988 patients regarding a July 2020 ransomware attack that resulted in the potential compromise of their protected health information (PHI).
FMC stated that a cybercriminal gang operating out of Ukraine seemed to have performed the attack. The attackers encrypted the financial files of FMC, therefore, preventing its employees from getting access to patients’ financial records. The attackers issued a ransom demand of $30,000 in cryptocurrency in exchange for the digital key to unlock the encrypted data files.
FMC mentioned it worked with a third-party computer security corporation – IDX – to look into the breach and aid to safeguard its digital ecosystem. IDX recommended paying the ransom as part of a tactic to know the magnitude of the attack. As per FMC CEO, Ed Larkins, it gave in to the demand and settled the ransom one week after the attack took place. The attackers provided the key to decrypt files in two weeks.
The breach investigation affirmed that only financial data was impacted and patient medical information was not affected in the ransomware attack. Patients affected by the attack had obtained health services at some time in the past 14 years.
Subsequent to the attack, the action was undertaken to strengthen security and stiffen defenses to protect against more attacks. IDX is continuing to take care of the response to the event and hasn’t found any attempted or actual patient data misuse because of the attack. FMC has given free credit monitoring services to patients who had their financial data exposed.
Ransomware Attack Experienced by Buddhist Tzu Chi Medical Foundation
Buddhist Tzu Chi Medical Foundation based in West Sacramento, CA is informing 18,968 patients concerning the possible exposure of some of their PHI because of a cyberattack.
The attack was noticed on July 15, 2021 when areas of its system became unavailable. The attacked server was quickly taken off the internet, and emergency procedures were followed, with the staff members using pen and paper to document patient details. A forensic investigation was done to know the nature and extent of the breach, which established that portions of the network the hackers accessed included patient information.
It cannot be determined if the attackers accessed or exfiltrated any patient data. Only the data access was confirmed. The files likely exposed in the attack comprised names, birth dates, and diagnosis details, which involved dental x-rays for dental care patients. No other patient records were filed on the impacted server and computer system.
Given the nature of breached data, it is believed that there is a very low possibility of information misuse; nonetheless, as a safety measure, impacted patients were instructed to keep an eye on their report of benefits and other medical data for any dubious activity.