Rise Wisconsin is warning more than 3,700 plan members that a few of their PHI was potentially retrieved by illegal people during the latest ransomware attack.
The ransomware was fitted on its network on or about April 8, 2018. The ransomware attack was noticed quickly, even though not in time in order to avoid the encryption of data.
Rise Wisconsin (earlier Community Partnerships Inc., and Center for Families) requested third-party computer forensics specialists to help with the breach inquiry as well as recovery procedure. Although the inquiry did not reveal any proof to indicate protected health information was retrieved or thieved in the attack, it was not possible to exclude data access and data thievery with a high level of confidence.
Possibly, the kinds of data that might have been retrieved by the attackers included names, dates of birth, addresses, Social Security numbers and, for particular patients, a limited amount of health information. No financial information was undermined.
Rise Wisconsin has not revealed how much the attackers required for the safety keys to open the encrypted data or whether that payment demand was paid.
Rise Wisconsin takes the safety of health information extremely seriously and had applied a variety of safety controls in order to avoid the illegal retrieving of protected health information. In this instance those controls proved inadequate; nevertheless, measures have now been taken to increase safety and avoid more occurrences of this type from happening. Those measures include placing additional limitations on network access and increasing staff information safety consciousness teaching.
The occurrence has been informed to proper powers that be and law enforcement is probing the attack. The breach report presented to the Division of Health and Human Services’ Office for Civil Rights shows 3,731 plan members have been affected by the occurrence.