DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TX: Ransomware attack targets Seguin Dermatology (updated)

Posted on November 12, 2016 by Dissent

Lynn Brezosky reports:

A Seguin dermatologist on Friday said his office computer system was attacked with ransomware that accessed confidential patient data, including names, social security numbers and billing codes for medical services.

“There was a high likelihood that protected health information (PHI) was accessed,” Dr. Robert Magnon, owner of Seguin Dermatology, said in a press release issued by attorneys Brin & Brin of San Antonio. “Also, it could not be ruled out that confidential information may have been removed from the server.”

Read more on San Antonio Express-News.

The full press release from Seguin Dermatology and Dr. Robert Magnon:

On or around September 12, 2016, Seguin Dermatology, the office of Robert J. Magnon, M.D., suffered a ransomware attack. The ransomware attack resulted in its server being encrypted. Seguin Dermatology was able to remove the ransomware from its server. Subsequently, a forensic examination of the affected server was performed. On or around October 26, 2016, it was concluded that there was a high likelihood that protected health information (PHI) was accessed. Also, it could not be ruled out that confidential information may have been removed from the server. The server did not contain medical records, laboratory reports, credit card information or bank account information. However, the server did contain demographic information to include patient names, addresses, telephone numbers, and dates of birth; insurance billing information; and Current Procedural Technology (CPT) codes. Some patients also had their Social Security Number on the server.

Seguin Dermatology takes the security of PHI very seriously. We immediately contacted an IT company, had the ransomware removed from the server, and investigated whether patient information was affected. Upon learning the results of the forensic investigation, we immediately took steps to notify all affected patients. To prevent this from happening again, we are conducting a review of our physical and computer security, reassessing our office’s policies and procedures, and performing staff training. We continue to monitor the situation and will notify you as necessary.

We have arranged with Equifax Personal Solutions to help protect the identity and credit information of patients who had their Social Security Number affected. Please call (844) 512-9013 Monday through Friday from 9:00 AM to 9:00 PM Eastern Standard Time to determine whether you were affected. Also, if any patient has questions, you can call this same number to speak with a customer service representative about the incident.

Patients also can place a fraud alert on their credit files with the three major credit reporting agencies. A fraud alert is a consumer statement added to one’s credit report. The fraud alert signals creditors to take additional steps to verify one’s identity prior to granting credit. This service can make it more difficult for someone to get credit in one’s name, though it may also delay one’s ability to obtain credit while the agency verifies identity. Patients can contact the three main credit reporting agencies at:

Equifax 1-800-525-6285 www.fraudalerts.equifax.com 

Experian 1-888-397-3742 www.experian.com 

TransUnion 1-800-680-7289 www.transunion.com 

We deeply regret any inconvenience this incident may have caused. If patients have questions, please call (844) 512-9013 Monday through Friday from 9:00 AM to 9:00 PM Eastern Standard Time.

Update: This was reported to HHS on Nov. 30 as affecting 29,969.

Related posts:

  • Almost one year later, U.S. Dermatology Partners is still not being very transparent about their 2024 breach
  • Forefront Dermatology notifying patients and employees about ransomware incident
  • Aesthetic Dermatology Associates notifies patients of breach, but data already leaking on dark web
Category: HackHealth DataMalwareU.S.

Post navigation

← Washington State Government Breached, Administrator Accounts Dumped Online
MI: Lansing Board of Water & Light paid $25,000 ransom after cyberattack in April →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.