Ransomware Attack on New York Medical Group and Entrust Medical Billing

Orthopedic Associates of Dutchess County, a New York medical group practice, has reported the potential theft of protected health information (PHI) of certain patients in a recent cyberattack .

The security breach was discovered on March 5, 2021 after identifying suspicious activity in its systems. An investigation into the breach established the unauthorized access of some individuals in its network on or around March 1, 2021. The attackers acquired access to selected systems and encrypted files and gave a ransom demand to acquire the keys to decrypt the files.

The attackers maintained they had taken sensitive data prior to encrypting the files, though it was not possible to determine which files had been stolen. An evaluation of the systems, which the hackers accessed revealed they included files having PHI like names, email addresses, addresses, contact telephone numbers, dates of birth, payment information, emergency contact details, diagnoses, treatment data, medical record numbers, health insurance details, and Social Security numbers.

People possibly affected by the breach were informed by mail and were provided a 12- month complimentary membership to credit monitoring and identity theft protection services. Currently, there are no reports of attempted or actual misuse of any patient information.

The breach resulted in the potential compromise of the protected health information of 331,376 people.

PHI of 5,426 Persons Compromised in Entrust Medical Billing Ransomware Attack

Entrust Medical Billing, a medical billing company based in Canton, OH, has experienced a ransomware attack that resulted in the probable exposure of the PHI of 5,426 persons.

Third-party cybersecurity specialists were called in to help with the investigation and figure out the magnitude of the security breach. On or approximately March 1, 2021, the investigation affirmed that the attackers had exfiltrated some of the files containing PHI such as names, birth dates, addresses, medical diagnosis/clinical data/treatment type or location, medical procedure details, medical insurance data, and patient account number.

Although the investigation confirmed the data theft, there is no evidence found that indicates actual or attempted misuse of the stolen data. Affected people have now been informed and those who had their Social Security numbers compromised received offers of free credit monitoring services. The company also implemented new technical safeguards and increased its monitoring efforts across its network environment.