The chiropractor Accents on Health based in Lone Tree, CO encountered a ransomware attack on August 5, 2020 that saw the encryption of information kept on its computer systems. Cybersecurity forensics experts looked into the breach to find out if the hackers viewed or exfiltrated patient data.
There was no proof found that indicate the exfiltration of patient information before the ransomware attack, however, data theft can’t be ascertained. The impacted computer systems contained the PHI of 2,000 patients such as full names, dates of birth, addresses, Social security numbers, account numbers, medical data, diagnosis codes, and insurance data.
There was no report obtained that suggest the misuse of PHI. Accents on Health is currently checking its software applications, systems, policies, and procedures and will carry out further safeguards to stop other cyberattacks.
Ransomware Attack on Magnolia Pediatrics
Magnolia Pediatrics located in Prairieville, LA sent notification to 12,861 patients about the potential compromise of their protected health information (PHI) because of a ransomware attack that happened on or around March 26, 2020.
IT vendor, LaCompuTech investigated the attack and established that only its master boot record was impacted and the attackers did not access, export, or encrypt any patient information. The IT vendor stated that there was no occurrence of a HIPAA breach, therefore it is not necessary to send a breach report to the HHS’ Office for Civil Rights. It is also not required to send breach notification letters to patients.
But on September 11, 2020, OCR advised Magnolia Pediatrics that the breach was reportable, and issuing notification letters to patients was necessary. OCR said that any attacker who managed to access the master boot record may have had total control of the server and thus had access to any PHI kept on that server.
The server kept the following protected health information: the patients’ names, Social Security numbers, telephone numbers, addresses, birth dates, medical insurance data, health record numbers, and clinical details, like diagnoses, lab test results, treating doctors’ names, medications, medical histories, and dates of service.
Magnolia Pediatrics stated the investigation didn’t find any evidence that suggests the encryption or exfiltration of any patient data in the incident. Magnolia Pediatrics is doing something to enhance security, such as the usage of
- multi-factor authentication on its servers and networks
- enhanced filtering for email and traffic
- multiple intrusion deterrence and detection systems
- step-by-step risk analysis and remediation procedure for its computer systems
The workforce is provided with additional training on cybersecurity awareness. The dark web is being tracked for any email addresses connected with Magnolia Pediatrics.
Magnolia Pediatrics has ended its connection with LaCompuTech and got a top-rated IT and security provider to manage its computer systems security.
This is Magnolia Pediatrics’ second ransomware attack in the last 14 months. The first attack took place on August 23, 2019 and affected 11,100 patients.