30,000 Patients Affected by May Eye Care Center Ransomware Attack

A July 2018 ransomware attack on May Eye Care Center in Hanover, PA saw a variety of confidential patient information encrypted, including data in its electronic medical record system.

The ransomware attack was found by May Eye Care on July 29, 2018. The ransomware was downloaded on a server that had patients’ names, treatment information, clinical information, diagnoses, insurance information, dates of birth, addresses, and a limited number of Social Security numbers.

May Eye Care Center called in a prominent computer forensics firm to probe the breach and an IT firm that concentrates in data safety was hired to carry out a complete examination of safety systems and procedures. Safety has now been improved to avoid more attacks.

A ransom demand was received, but no payment was made. May Eye Care Center was able to recuperate all of the files encrypted by the ransomware from standbys without any loss of data.

All patients impacted by the occurrence have been informed and the breach was informed to the Division of Health and Human Services’ Office for Civil Rights on October 11. The breach synopsis on the OCR Breach Portal shows 30,000 patients were impacted by the occurrence.

May Eye Care Center considers the only intention of the attack was to get a ransom payment. No proof has been found to suggest any patients’ protected health information was accessed by the attackers and no reports of misuse of PHI have been received. However, since data theft can’t be excluded, all patients have been advised to verify their credit statements, accounts, and explanation of benefits statements for any indication of fake activity.