Ransomware Attacks at GBMC HealthCare, Golden Gate Regional Center and Dyras Dental

GBMC HealthCare based in Towson, MD announced a ransomware attack that occurred on December 6, 2020 resulting in the shutdown of its computer systems. The healthcare organization now operates under EHR downtime procedures while it mitigates the attack. GBMC HealthCare had a plan for such a case and had processes set up to make sure that it could continue to provide patient care while minimizing disruption.

GBMC Healthcare continues to provide patients with safe and effective care. Its emergency section did not cease receiving patients; but, certain elective treatments scheduled for December 7 were postponed. GMBC is doing all it can to bring systems back online and recover the encrypted data. The incident is already reported to law enforcement who is looking into the attack. The Egregor ransomware gang has stated it is responsible for the attack.

Golden Gate Regional Center Ransomware Attack Impacts 11,315 Individuals

Golden Gate Regional Center in San Francisco, Marin, and San Mateo counties in California provides services to persons with developmental disabilities. On September 23, 2020, it noticed suspicious activity on its computer networks. The investigation showed that the attacker exfiltrated the protected health information (PHI) of 11,315 people from its systems before deploying the ransomware.

Information stolen in the attack only included names, service codes/descriptions, vendor/service provider names/numbers, GGRC client identification numbers, month or year of service, and cost data associated with the services given. No evidence was found that indicates the misuse of any stolen data. Affected persons received notification by mail in November. Breach victims received free identity theft protection services.

Stolen Data from Dyras Dental Dumped

Dyras Dental based in Lansing, MI has encountered a ransomware attack that used the Egregor ransomware. This attack is not yet verified by the dental service provider. Databreaches.net identified a dump of information stolen in the attack on September 24, 2020. It attempted to contact Dyras Dental, however, there was no response from the provider. Databreaches.net reported the incident to the Department of Health and Human Services’ Office for Civil Rights since it would seem that it was not yet reported and patients did not get any notification letter regarding the theft of their PHI.

As per Databreaches.net, the dumped information contained more than 100 files with data such as insurance billing details, voicemail recordings that contain PHI and employee W-2 statements.