Magnolia Pediatrics became victim of a ransomware attack

Magnolia Pediatrics based in Prairieville city of Louisiana became victim of a ransomware attack in Aug., which possibly has impacted several patients' data.

The attack began on Aug. 23, 2019, and encrypted the patient data that was stored on the computer network of Magnolia Pediatrics. Assisted by the third-party computer forensics company, Magnolia Pediatrics has determined that patient information was not removed from its computer systems in this attack. Even though data theft has not been suspected, still unauthorized data access/theft could not be completely ruled out. So the officials are notifying all the patients whose information was present on Magnolia Pediatrics network about this incident, as a precautionary measure.

The computer system that has been encrypted contain patient data like names, addresses, Social Security numbers, dates of birth, telephone numbers, clinical information, medical histories, medical record numbers, treating physicians' names, insurance information, diagnoses, medications, lab test results, as well as dates of service.

This ransomware incident was reported to Federal Bureau of Investigations (FBI) by Magnolia Pediatrics, and they are currently coordinating with FBI in their ongoing investigation about this incident. Steps have been taken by Magnolia Pediatrics to improve security, so as to prevent similar kind of attacks in the future.

Apart from the steps that Magnolia Pediatrics has been taking, it has been recommended that steps like registering fraud alert with three credit bureaus (TransUnion, Equifax and Experian) should be taken to protect oneself from potential danger of this incident. In addition, one should monitor closely EOBs, credit card statements, as well as credit bureau reports.

In case anyone determines that his/her information was compromised, then that person should notify the local law enforcement agency for assisting in further investigation. Moreover, if anyone suspects identity theft, then he/she should contact Federal Trade Commission (FTC) through www.ftc.gov or at 877-ID-THEFT (877-438-4338) and the Attorney General's office of Louisiana through www.ag.state.la.us or at 800-351-4889.

The notice of Magnolia Pediatrics said that "we deeply apologize for any inconvenience or concern this incident has caused you". For more information or anyone having questions can contact Magnolia Pediatrics by mail; or directly via phone.

The breach summary on website of HHS' Office for Civil Rights shows that 11,000 patients were affected by this breach.

» SPAMfighter News - 10/30/2019