On July 8, the Utah provider discovered a ransomware attack on some of its IT systems, which blocked access to patient data and other functions. Law enforcement was notified, as Premier Family Medical worked to regain access and investigate with assistance from technical consultants.
The notification did not provide details into Premier Family Medical’s recovery efforts, including when files were unlocked and if they were restored from backups. However, officials said that the investigation found no evidence data was accessed or taken during the security incident.
The provider has since enhanced its security to prevent a recurrence. According to McAfee, ransomware attacks have doubled in 2019, with hackers steadily increasing brute-force attacks on remote desktop protocol services and SMB (server message block).
Providers Still Recovering from Digital Dental Record Ransomware Attack
During the last week of August, a ransomware attack on Digital Dental Record (DDS Safe) and PerCSoft impacted hundreds of dental provider offices across the country. According to the most recent update, some providers are still attempting to get back online.
The infection started on Monday, August 26, and before the vendors were able to remove the virus, it had spread to hundreds of its dental clients. DDS Safe and PerCSoft have been working with its software team to fix the issue and are leveraging a decryptor to unlock files of the affected providers.
What’s more, the vendors have been working with the FBI’s CyberCrime Task Force. At the moment, the investigation has not revealed any type of data compromise.
“If that changes, and investigators confirm that the attack released private business and patient data versus simply locking it, DDS Safe and PerCSoft will immediately communicate that to impacted clients and assist them in complying with the appropriate next steps,” DDS Safe’s Mara Roberts, said in a statement.
“The team is fully aware of the possible reporting rules and deadlines and is working tirelessly to determine the extent of notification – if any – that may be required,” she added. “We regret the frustration and difficulty this situation has caused and have devoted all resources to resolving it as quickly and completely as possible.”
According to the notice, some of these dental providers are being contacted by outside consultants attempting to sell the offices IT and identity restoration services. Officials recommended that providers exercise caution when seeking advice from those unfamiliar with the incident.
Alive Hospice Corrects July Breach Notification
On May 6, officials discovered a hacker gained access to an employee email hack for two days, beginning on May 4. The investigation determined the compromised account contained a trove of patient details including contact information, demographic data, Social Security numbers, driver’s licenses, medical histories, provider details, health insurance data, and a host of other identifiers.
Nearly one week after the notification letters were sent, Alive discovered a mailing error during the address export process that resulted in letters being addressed to the incorrect recipient. Officials said they corrected the error and mailed a second letter to affected patients shortly afterward.
The initial notification letters did not contain any reference to treatments received at Alive or any protected health information. The information related solely to the breach at Alive and included the incorrect recipient’s name.