Ransomware Attack on Reproductive Biology Associates, UF Health Central Florida and Georgia Hospital System

The fertility clinic Reproductive Biology Associates in Georgia has reported a ransomware attack in April that allowed attackers to exfiltrate files made up of the personal data and protected health information (PHI) of roughly 38,000 patients.

The attackers acquired access to a file server that contains embryology information on April 7, 2021, and used ransomware to encrypt data files on April 16, 2021. The records included the sensitive data of patients of Reproductive Biology Associates along with its affiliate My Egg Bank North America. The compromised PHI included complete names, addresses, Social Security numbers, lab test data, and data associated with the handling of human tissue.

The breach investigation ended on June 7, 2021. Although there is no formal confirmation of the ransom payment, Reproductive Biology Associates stated the attackers had all the stolen data deleted and all encrypted information was already restored.

Reproductive Biology Associates is continually monitoring the web and dark websites for evidence of misuse of the stolen information. Impacted persons received offers of free credit monitoring and identity theft protection services. A third-party cybersecurity company also helped enhance the security of its systems to avoid other attacks.

UF Health Ransomware Attack Affects Patient Care

UF Health Central Florida experienced a ransomware attack on May 31, 2021 that impacted Leesburg Hospital and The Villages Regional Hospital. After the attack, the healthcare provider enforced emergency downtime procedures and continued to provide care to patients, though staff members used pen and paper to record patient information.

After more than 2 weeks since the attack occurred, the hospitals still implement EHR downtime procedures as UF Health works on restoring its systems and impacted information. Now, the attack is negatively impacting patient care.

As per the latest report on WESH 2 News, staff at the impacted hospitals mentioned they still cannot access the EHR, cannot get medication details, and cannot confirm whether patients have certain allergies. Employees are likewise encountering delays obtaining laboratory reports. Employees at the hospital talked to reporters and mentioned a number of patients were getting one medication if a different one was requested, and medicines that are due are not available. One employee expressed concern that something might happen in case they administer a medication that was believed to be ordered but wasn’t.

It is presently uncertain if UF Health expects to give the ransom payment and if patient data was stolen. A UF Health spokesperson cannot confirm the date when systems will be re-established.

Georgia Hospital System Encounters Ransomware Attack

St. Joseph’s/Candler (SJ/C) hospital system based in Savannah, GA reported a ransomware attack on June 17, 2021. The attack blocked access to computer systems and so the hospital implemented emergency protocols. Staff is currently using pen and paper to log patient information.

The attack was discovered immediately and action was undertaken to isolate systems to restrict the problems caused; nevertheless, it is still premature to say which patient information, if any, was impacted and if the attackers acquired patient information before the ransomware encrypted files.

SJ/C stated that it is continuing patient care operations using set-up backup procedures and other downtime measures. The hospital doctors, nurses and personnel are prepared to deliver care during these types of circumstances and are dedicated to doing everything possible to offset disruption and offer continuous patient care.