Ransomware leads to data breach

January 7th, 2017 by admin Leave a reply »

Arizona-based Desert Care Family & Sports Medicine recently announced data breach due to ransomware attack. The incident has affected up to 500 patient records. Desert Care has notified local police and the FBI. It has also taken its server to IT specialists so that ransomware encryption can be broken to retrieve affected patient data. But they are not able to access the encrypted data. All hacked patient records remain unavailable.

Desert Care in the statement mentioned that “We understand that this may pose an inconvenience to you. We sincerely apologize and regret that this situation has occurred. Desert Care is committed to providing quality care, including protecting your personal information, and we want to assure you that we have policies and procedures to protect your privacy.”

Facility mentioned that it does not know whether the information has been exposed. It said that by the type of ransomware the intention was to gain access to information. It also mentioned that it doubts any information has been affected or copied onto a different system.

Affected patients are sent notification by the facility. It alerted them about the incident. According to the reports – full name, dates of birth, home addresses, account numbers, and disability codes are potentially exposed. Desert Care started a forensic investigation into the incident. Also, it is updating its technology and policies to prevent future attacks.

“Desert Care is taking steps to mitigate any data disclosure and to prevent any future incidents. The ransomware attack was reported to the authorities and we fully intend to cooperate with any investigations. In addition, we are conducting our own forensic investigation into the attack. We are also updating our technology and policies to prevent future incidents. “

Facility has advised the patients to make effort for protection which includes-

Consumers should register a fraud alert with one of three credit bureaus

Monitor all account statements, and contact the Consumer Protection Division of the Arizona Attorney’s General Office or the Federal Trade Commission’s Fraud Victim Assistance Department for assistance.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Leave a Reply