SamSam Ransomware Attack on Allied Physicians Group of Michiana Potentially Exposed PHI

A segment of Allied Physicians Group of Michiana’s network system was down due to a ransomware attack. This episode occurred on May 17, 2018. The attacker encrypted a number of data files stored on the network. It is not known at this time if any patient’s protected health information (PHI) was encrypted however investigators are still searching the incident to find out if the data breach incident compromised of any sensitive information.

Allied Physicians Group of Michiana discovered the attack immediately and shut down its network system quickly to protect the PHI of patients. The data breach responder, 3rd party experts and IT specialists are working jointly to determine the extent of the attack and recover the encrypted data files.

Indiana Physicians Group reported that all data and the network had been recovered and secured. There was no significant disruption of patient services that resulted from the attack. To avoid identical mishaps from taking place again, safety procedures were reviewed and improved to reinforce security and offset risks.

CEO Shery Roussarie presented a news release on May 21 detailing that Allied Physicians Group of Michiana suffered a SamSam ransomware attack. There were a number of cyberattacks attributed to the SamSam ransomware during the past year. One of the well known SamSam attack occurred in Atlanta City.

The objective of cybercriminals in doing these ransomware attacks is to force their victims to pay ransom money. Generally, the attacker demands the victims to pay roughly $45,000. The public does not really know if the victims paid ransom or not. Roussarie does not confirm or deny in their press release that Allied Physicians Group of Michiana paid ransom.

The FBI and other regulatory institutions are still inspecting everything associated to the incident. Allied Physicians Group of Michiana will disclose additional information when the investigation is complete and will quickly inform the patients the moment there’s confirmation that PHI was potentially exposed.

About Christine Garcia 1310 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA