6,550 Jemison Internal Medicine Patients Impacted by Ransomware Attack

A ransomware attack on Jemison Inner Medicine of Alabama on December 20, 2017, resulted in electronic health files being encrypted, incapacitating access to the patient files for the healthcare supplier.

A ransom ultimatum was transmitted for the solutions to incapacitate the encryption even though no payment was transferred to the assailant. Fortunately, Jemison Internal Medicine had workable standbys of electronic PHI and reestablished files after reinstalling the operating system on impacted appliances. An analysis of its system post-data reestablishment indicated no signs of the malevolent software continued.

Though ransomware attacks are frequently not targeted and occur because employees respond to phishing electronic mails, this attack was more focused. The analysis into the safety break showed an illegal person had obtained access to the computer system of Jemison Internal Medicine and accessed for a duration of about three months.

The inquiry didn’t demonstrate any evidence to show the hacker accessed the EMR system, even though it was not possible to exclude data access with a high level of confidence. The sorts of data that might possibly have been seen or reproduced include names, health insurance details, prescription information, driver’s license numbers, Social Security details, addresses, dates of birth, telephone numbers, and treatment and process details.

The occurrence has led to Jemison Internal Medicine to finish an audit of policies, security, and processes and measures have been taken to protect its systems and avoid further attacks. Distant connectivity to its computer systems has been cut off, all passwords have been altered, and other steps have been improved to increase safety.

Patients affected by the safety break have now been warned by post and the occurrence has been informed to the Division of Health and Human Service’ OCR. The OCR break precis states that the PHI of 6,650 patients was possibly affected.