Patients consulting with the Center for Orthopaedic Specialists received warning that some of their protected health information (PHI) was potentially viewed by unauthorized people when ransomware got installed on its network system. The ransomware attack impacted three of the establishments of the Center for Orthopaedic Specialists situated in Simi Valley, West Hills and Westlake Village in California. Databreaches.net noted that the PHI of 85,000 patients were potentially affected.
The IT merchant of the Center for Orthopaedic Specialists made them aware that an unauthorized person began its attempt to access its network on February 18, 2018. He succeeded and installed ransomware, which encrypted many files containing the PHI of patients. Data that was encrypted by the ransomware included the patients’ names, some patients’ information, dates of birth and Social Security numbers.
The IT merchant had taken immediate action to restrict the potential damage the ransomware could cause. They took the attacked system offline swiftly to prevent any extraction of information. As per the data breach investigation, there is no proof uncovered that would indicate the persons liable for the attack viewed or duplicated the patients’ PHI. However the investigators could not exclude data theft with 100% assurance. Out of abundant precaution, the Center informed all the patients whose information was encrypted by the ransomware to allow them to be more careful and keep an eye out for indications of identity theft and fraudulence.
Despite the fact that the probability of data theft is low, the Center for Orthopaedic Specialists is providing no cost identity theft protection and credit monitoring services for 2 years via ID Experts to all affected patients. In addition, the patients get $1,000,000 worth of insurance protection.