Cybersecurity breach in North Florida OB-GYN possibly compromises Protected Health Information
North Florida OB-GYN, based in Jacksonville city, has discovered that hackers have gained access to some portions of their networked computer systems containing health and personal information of patients'. After the access, the hackers have deployed a virus causing widespread file encryption.
Once the breach was discovered on Jul. 27, 2019, the networked computer systems have been quickly shut down and the breach response as well as recovery procedures have been launched. The Federal Bureau of Investigation was contacted, and North Florida OB-GYN has started their forensic investigation. Third-party IT consultants have assisted in this investigation. The investigation has revealed that the networked computer systems were most likely compromised on or before Apr. 29, 2019.
While the investigation has confirmed the system access, no evidence of theft of medical or personal information or even unauthorized data access was found. However, the data access as well as data exfiltration cannot be ruled out.
The Protected Health Information that was possibly compromised in this attack varies patient to patient and might have included the name, demographic information, dates of birth, identification card number, driver's license number, health insurance information, Social Security number, employment information, diagnoses, medical images, and treatment information.
The affected individuals were advised to remain on alert, and review account statements so as to check any unauthorized use of information. A North Florida OB-GYN spokesperson has told the HIPAA Journal that as a precautionary step as well to help detect any possible information misuse, the North Florida OB/GYN has been offering identify theft protections and credit monitoring services to possibly affected individuals free of cost.
North Florida OB-GYN was able to recover almost all the files encrypted in this cyberattack. However, it is not clear whether the files have been recovered from the backups, or any ransom demand was issued and paid. Steps to strengthen the security in order to prevent similar kind of incidents from happening in the future have already taken by North Florida OB-GYN.
Besides, this breach was reported to HHS' Office for Civil Rights (OCR) along with the appropriate state authorities. As per breach report on OCR website, around 528,190 patients were affected by this incident.
» SPAMfighter News - 10/23/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!