6,550 Jemison Internal Medicine Patients Potentially Affected by Ransomware Attack

Jemison Internal Medicine of Alabama experienced a ransomware attack on December 20, 2017. Electronic health records were encrypted, leaving healthcare providers unable to access patient data. The attacker demanded a ransom in exchange for the encryption keys, but Jemison Internal Medicine did not pay. The electronic protected health information was restored from backups after the operating system was reinstalled on infected computers. System analysis revealed that no malicious software remained after data restoration.
Ransomware is usually distributed indiscriminately and finds its way in through phishing emails sent to employees' email accounts. But this ransomware attack was targeted. According to the investigation of the security breach, an unauthorized person had access to the company's computer system for a period of approximately 3 months.
Fortunately, there's no evidence that the attacker accessed the EMR system. But it's not 100% certain that no data was accessed. It's possible that information such as names, dates of birth, telephone numbers, addresses, driver's license numbers, Social Security numbers, treatment, procedure details, prescription information and health insurance details was copied or viewed.
Jemison Internal Medicine reviewed its security, policies and procedures in response to the breach. It disabled remote computer connectivity and changed all passwords to secure its systems and prevent similar attacks in the future.
All Jemison Internal Medicine patients affected by the data breach have already received notifications by mail. The Department of Health and Human Services' Office for Civil Rights also received the report that the breach potentially compromised the protected health information of 6,650 patients.