The Susan M. Hughes Center recently announced a data breach due to ransomware attack on its computer system. The incident has potentially affected patients. Facility has immediately launched an investigation. Also, they have reset all passwords and removed the infected server from the system.
A Forensic firm is employed for investigation. It determined that an unknown person accessed server files. The affected information included patient names, telephone numbers, dates of service, types of service or treatment, and amounts paid.
Facility mentioned that there is no evidence of misuse of patient information. Also, sensitive PHI including Social Security numbers or account numbers have not been accessed.
The Hughes Center has started mailing advisory letters to potentially impacted patients. Also, the facility established a call center to answer queries.
“We regret any inconvenience or concern this may have caused our patients. To help prevent something like this from happening in the future we are working with a security firm to enhance the security of our systems.”
Another ransomeware attack involves Summit Reinsurance Services, Inc. who alerted Alliant Health Plans, Inc. of a ransomware attack on its servers. The affected server contained patient data of more than 1,000 Alliant members. Facility mentioned that the investigation didn’t provided any evidence of data misuse. Also, Alliant mentioned that its members are at very low risk of data breach consequences.
Affected information included Social Security numbers, health insurance information, and claim-focused medical records.
Summit is updating its policies, procedures and protections for member information to minimise the damage.It also working on other precautionary measures to prevent further incident. Alliant will be continuing encryption to prevent foreign access of sensitive information.
Summit is notifying the affected individuals and also offering one year of identity theft protection to potentially impacted Alliant members.
“As always, Alliant and Summit recommend taking steps to prevent identity theft by monitoring your credit reports for any unusual activity.”
Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.