Long-standing Malware Contamination Found by CCDA

In August, when Catholic Charities of the Diocese of Albany (CCDA) was carrying out an update of its computer safety software, a malware was found to have been fixed on one of the computer networks utilized by its Glens Falls branch, which helped patients in Warren, Saratoga and Washington Regions in New York.

Swift action was taken to obstruct access to the computer network and CCDA summoned a computer safety business to carry out a probe into the illegal access. The inquiry, which took many weeks to finish, disclosed that access to the computer network possibly happened in 2015.

Although access to the computer network was possible and a malevolent program had been fitted, the inquiry didn’t find proof to indicate the PHI of patients had been seen or thieved.

An examination of the computer network disclosed the saved files had the PHI of 4,624 patients. The info possibly retrieved by the attackers contained names, diagnosis codes, addresses, dates of service, birthdates, and for a few sick persons, their health protection identification numbers which might have contained Social Security numbers. Financial info as well as details of therapy and treatment were saved somewhere else on the computer network and were not retrievable at any place.

The case has been informed to police, the Division of Health and Human Services’ OCR, the Department of Customer Protection, as well as the national Attorney General. Patients have been alerted to the breach and have been provided credit checking and identity thievery safety facilities for one year free of charge.

Even when proper safety solutions are applied to protect the PHI of patients, breaches can still happen. Sister Charla Commins, Executive Director of Catholic Charitable foundation of Warren, Saratoga and Washington Regions, described, “We have latest digital safety measures in position, however, every day it appears criminals determined on attacking computers find new methods to do so.” Sister Commins additionally described, “We take very earnestly our duty for safeguarding private information, and we earnestly make an apology for any embarrassment this might cause our staff and clients.”

To avoid future malware intrusions and attacks, CCDA has improved the safety of its computer networks.