Ransomware Attacks Reported by Professional Business Systems and Prima Pediatrics

Professional Business Systems, Inc. doing business as Practicefirst Medical Management Solutions and PBS Medcode Corp, a medical management services provider for healthcare companies, has encountered a ransomware attack that allowed the attackers to acquire patient information

The service provider discovered the ransomware attack on December 30, 2020, and immediately shut down its systems in order to restrict the attack and informed law enforcement. Third-party cybersecurity specialists investigated the occurrence.

Practicefirst hasn’t affirmed if the ransom was paid however it said that the attacker assured that the files stolen from its systems were destroyed and won’t be further exposed.

There were no known cases of patient data misuse; nevertheless, all impacted persons were instructed to keep track of their accounts for any indication of falsified activity.

The types of patient data included in the breached files were different from one patient to another and might have contained the data elements listed below:

name, address, email address, birth date, driver’s license number, Social Security number, laboratory, diagnosis, and treatment data, patient ID number, medication data, medical insurance identification and claims data, tax ID number, employee username and password, employee username and security Q&A, and bank account and/or debit card/crebit card data.

Extra security techniques were since put in place to better secure its email, network and other IT programs.

Prima Pediatrics Experiences Suspected Ransomware Attack

Prima Pediatrics detected the compromise of some of its computer programs and the installation of malware that caused a number of its computer systems to be non-functional and the information saved on those systems unavailable.

Prima Pediatrics stated the majority of the information on the impacted computers is believed to have been encrypted during the attack, and there was no information regarding the improper usage of patient information. The investigation found no proof to indicate the exfiltration of any patient information by the attackers. The impacted systems contained the following protected health information (PHI): names, diagnoses, and medical illnesses, and medical backgrounds.

All patients possibly impacted by the breach were informed and instructed to keep track of their accounts and explanation of benefits reports for any indication of bogus activity. Prima Pediatrics is going to assess and update its privacy and information security policies and processes to avoid the same cases from happening again.