Francisco J. Pabalan MD of Pabalan Eye Center based in Riverside, CA has announced a ransomware attack that has affected around 50,000 patients.
The center discovered the ransomware attack on March 3, 2021. The investigation confirmed that the attack started on March 1. The threat actors encrypted files on servers and computers thus preventing patient data. They also asked for a ransom to restore the patient data. All impacted computers and servers had been backed up prior to the attack, therefore encrypted data recovery is possible even if not paying the ransom.
The investigation did not find any evidence of data theft. The ransomware attack seems to have been conducted just to bring about disruption to services in order to get cash from the practice. Following the attack, all computers and servers were changed prior to the installation of operating systems and software program, and patient information was then restored from backups.
Extra security steps have been implemented, such as using new anti-virus and anti-ransomware application, a new Security Rule Risk Management Plan, and a new data encryption technology. New technical security measures were brought in to strengthen security, such as new, secure VPN-protected connections to servers, up-to-date password policies, and extra training provided to the employees to help with the recognition of security risks. Moving onward, regular technical and non-technical assessments and updates will be carried out.
Although it does not appear that the attackers obtained financial details, all affected patients were instructed to be cautious and keep track of their account statements and for any indications of identity theft or scam. Protected health information (PHI) possibly compromised in the incident includes scanned insurance forms, examination findings, imaging, diagnostic screening, and scanned past medical data.
Campbell, Conroy, O’Neill Law Agency Reports a Ransomware Attack
Campbell, Conroy, O’Neill law firm located in Boston, MA has announced a ransomware attack on or roughly February 27, 2021.
The attackers encrypted selected files on its systems which hindered access. The investigation suggested the attacker had accessed files that contain sensitive data in the attack. It was not possible to know whether the threat actor saw or obtained data associated with particular individuals.
The types of information contained in the files varied from one person to another. One or more of the following data elements are included: names, dates of birth, state identification numbers, driver’s license numbers, financial account details, Social Security numbers, passport numbers, payment card details, health data, health insurance details, biometric information, and online account credentials like usernames and passwords.
Campbell, Conroy, O’Neill has performed an evaluation of guidelines and procedures and more safeguards are being executed to stop more attacks. Persons whose Social Security number was possibly exposed in the incident were given a complimentary 2-year membership to fraud consultation, credit checking, and identity theft restoration services.