30,000 Patients Impacted by May Eye Care Complex Ransomware Attack

A July 2018 ransomware attack on May Eye Care Center in Hanover, PA saw a variety of confidential patient information encrypted, including data in its electronic medical record system.

The ransomware attack was detected by May Eye Care on July 29, 2018. The ransomware was downloaded on a server that had patients’ names, treatment information, diagnoses, insurance information, dates of birth, addresses, clinical information, and a restricted number of Social Security numbers.

May Eye Care Center called in a prominent computer forensics firm to probe the breach and an IT firm that specializes in data safety was hired to carry out a complete review of safety systems and procedures. Safety has now been improved to avoid more attacks.

A ransom demand was received, but no payment was made. May Eye Care Center was capable to regain all of the files encrypted by the ransomware from standbys without any loss of data.

Al patients impacted by the occurrence have been informed and the breach was informed to the Division of Health and Human Services’ Office for Civil Rights on October 11. The breach summary on the OCR Breach Portal shows 30,000 patients were impacted by the occurrence.

May Eye Care Center considers the only purpose of the attack was to get a ransom payment. No proof has been found to indicate any patients’ protected health information (PHI) was retrieved by the attackers and no reports of abuse of PHI have been received. Nevertheless, since data theft cannot be excluded, all patients have been suggested to check their credit reports, accounts, and explanation of benefits statements for any indication of fake activity.