Ransomware Attack on NJ-based Orthopedic Surgeon
Orthopedic Surgeon based in Paramus, New Jersey, and ActivYouth Orthopedics owner, Ronald Snyder, M.D., recently became victim of a ransomware attack. On Jan. 9, 2019, staff of Snyder first discovered that one office computer server containing the patient billing information was compromised and then encrypted by ransomware.
The attack prevented the office staff of Snyder from accessing the patient files. However as his office regularly backed up the server to have backups of the patient information, so it has been possible to restore quickly almost all the files that had been encrypted by cyberattack without paying any ransom demand.
Snyder also hired a third-party cybersecurity as well as computer forensics firm in order to assist in the investigation, and determine if any type of patient data was accessed. However, due to damage done to computer server along with its stored data, the pediatric orthopedic surgeon learned on Apr. 2, 2019, that they were not able to determine whether any patient information was accessed.
No evidence has been found to suggest that this attack was conducted for gaining access to the patient information, even though it has not been possible to rule out the data access. So, all patients possibly affected by the data breach were notified by mail.
The types of information stored in files of the impacted server were: names, dates of birth, addresses, genders, patient status, co-pay amounts, employment status, email addresses, telephone numbers and, also some of the patient's insurance identification number, which can be the Social Security number.
"Dr. Snyder takes this incident and the security of patient information in his practice's care very seriously. As part of his practice's ongoing commitment to the privacy and security of patient information, he is working to review existing policies and procedures and to implement additional safeguards to further secure the information in his systems" as per his press release.
In addition, Snyder is offering possibly affected patients 1 year of free identity restoration and credit monitoring services.
Breach report on HHS website, which was filed under provider name (i.e. Pediatric Orthopedic Specialties, PA, dba, ActivYouth Orthopaedics), indicates that 24,176 patients were affected by this breach.
» SPAMfighter News - 5/20/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!