DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Greenway Health Reports Ransomware Attack (Updated)

Posted on April 28, 2017 by Dissent

From Greenway Health:

TAMPA, April 24–An apparent criminal cyber attack that has affected a limited portion of its customers was reported today by Greenway Health to its affected customers, the company says.

The incident involves “ransomware,” in which the attackers freeze access to data and offer to restore it in exchange for a ransom payment. The company says it is working with law enforcement, including the FBI.

“We deeply regret any disruption this criminal attack could cause to your practice and for any concerns it may cause to your patients,” CEO Scott Zimmerman told affected customers Monday morning.

Zimmerman emphasized that there is no evidence at this time that any patient data has been “exfiltrated” or otherwise misused. And he said the company has backup data and expects little or no data loss. The impact of this attack appears limited to some Internet-hosted users of the company’s Intergy platform.

“Based on our current understanding of the circumstances, we have no reason to believe this attack will extend to our customers on other platforms. Though we build extensive safeguards into our products and services, no Internet-based system is completely immune from attack. We are continuously focused on evaluating additional measures that we may take to further enhance our defenses against cybercrime,” Zimmerman said.

The company said it will be providing enhanced customer service and support to affected practices, and will provide additional information to its customers later today. Customers who have not experienced difficulty are unlikely to be affected, but anyone concerned should call 877-932-6301.

Last May, Florida Medical Clinic reported a potential breach of 1,000 patients’ data due to an error in a setting controlled by Greenway.  It appears the unintended exposure went undetected between November 18th, 2015 to January 6th, 2016.

In this case, it is not yet clear how many covered entities may have been affected by the ransomware incident and whether they will be reporting it to HHS or whether Greenway will be reporting it.  Nor is it clear how Greenway’s network was infected.

This post will be updated as more information becomes available.

Update of May 1: Joseph Goeddert reports:

A ransomware attack last week against hospital and ambulatory electronic health records vendor Greenway Health affected 400 client organizations using the vendor’s Intergy cloud-hosted platform.

Half of those affected clients have had their EHR services restored, with the rest reverting to manual processes in the hope of full restoration by today, says Greg Schulenburg, Greenway Health’s COO.

Related posts:

  • Greenway Health investigating claims by threat actors of a cyberattack (updated)
Category: Health DataSubcontractor

Post navigation

← TN: School board sued by employees over W-2 breach
TheDarkOverlord leaks upcoming episode of Orange is the New Black after Netflix doesn’t pay extortion demand (Updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.