April 28, 2018
Center for Orthopaedic Experts is alerting its patients that some of their protected health information was possibly accessed by unauthorized persons who installed ransomware on its system.
The attack impacts all present as well as ex-patients of three of its services in West Hills, Simi Valley and Westlake Village in California. As per Databreaches.net, 85,000 patients have possibly been impacted.
Center for Orthopaedic Experts was notified by its information technology vendor that an unauthorized person started trying in order to access its network on February 18, 2018. Access to the network was gained as well as ransomware was fixed, which was utilized in order to encrypt a wide variety of files, a lot of which contained the protected health information of patients. The kinds of information encrypted by the ransomware included names, dates of birth, details about medical records, and Social Security numbers.
Swift action was taken by the information technology vendor in order to limit the harm caused as well as the affected system was taken offline quickly in order to avoid any exfiltration of data.
An investigation into the breach has not found any evidence to indicate that patients’ protected health information was viewed or copied by the persons responsible for the attack, even though data theft could not be ruled out with 100% certainty. Out of an abundance of caution, all patients whose protected health information was encrypted by the ransomware have been alerted of the breach to let them take precautions to protect against fraud and identity theft.
Even though data theft is not doubted, out of an abundance of caution, Center for Orthopaedic Specialists is offering all affected individuals identity theft protection and credit monitoring facilities through ID Experts for 24 months free of charge. Patients will also be covered by a $1,000,000 insurance policy.