Eye Physicians, P.C., in Columbus, as well as Columbus Surgery Center, LLC Nebraska have faced a ransomware attack which has possibly led to the safeguarded health information of nearly 10,000 patients accessed by the attackers.
The ransomware attack happened on October 7, 2017 and encrypted a wide variety of records on some computer networks by the illegal computer software. A pay demand was released by the attackers, even though it wasn’t paid. The encrypted records were fixed up from a latest backup to let services to continue to offer to patients.
Third-party computer forensic professionals were hired to help with the inquiry of the attack to decide whether the attackers accessed to, seen, or reproduced patient information as well as to probe how the servers were accessed and how the illegal computer software was set up.
The inquiry didn’t find proof to indicate any patient health information was thieved, however, data access might not be excluded with a high level of confidence. Therefore, the event was reportable to the Division of Health and Human Services’ OCR according to HIPAA Laws and notices to patients were necessary. Those notices have now been posted.
Eye Physicians informs that the breach contained information like names, dates of birth, as well as ophthalmic images and that no Social Security numbers or financial information were disclosed.
As a consequence of the attack, an external IT safety expert was hired to carry out a complete security risk evaluation to identify possible weaknesses, as well as software and hardware, have been updated as a consequence of that evaluation. It’s expected that the expansions to security will assist to avoid similar cases from taking place in the time to come.
As per the breach reports submitted to OCR, the incident impacted 2,620 patients of Eye Physicians and 7,721 patients of the Columbus Surgery Center.