DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cleveland Medical Associates tells patients of ransomware incident

Posted on June 22, 2017 by Dissent

Cleveland Medical Associates, PLLC, a four-physician primary care clinic in Cleveland, Tennessee, is providing notice to its patients that on April 21, 2017, it discovered that, the evening before, its computer network had been impacted by ransomware, a type of computer virus that locks up, or encrypts, information and demands that a payment be made in order to unlock, or decrypt, the information. There is no evidence that patient data was compromised as a result of this incident and the incident did not impact the clinic’s ability to provide care to patients.

Following the incident, in addition to implementing a new medical records system and analyzing security procedures, Cleveland Medical Associates engaged the services of a forensic investigation firm to determine the extent of the information potentially affected by the incident. Based on the investigation, there is no evidence that protected health information was taken from the affected system or misused as a result of this incident. The FBI has also been notified of the incident and Cleveland Medical Associates will fully cooperate in any subsequent investigation it may conduct into the matter.

Healthcare organizations and other companies across the country have been affected by similar types of ransomware cyber attacks and Cleveland Medical Associates believes that the motivation behind this incident was extortion. Because Cleveland Medical Associates was unable to determine with reasonable certainty whether or not there was an unauthorized access of medical information, it is providing its patients with notification of the incident. Information contained on the affected server included demographic information such as patient names, addresses, telephone numbers, email addresses, and Social Security numbers, clinical information such as medical records, and other information such as insurance billing information.

Cleveland Medical Associates takes protecting its patients’ information seriously and is offering a year of free credit monitoring to patients potentially affected by the incident. The clinic has also set up a dedicated number for patients to call with any questions or for more information. The number to call is 1-888-746-7073, Monday through Friday, 9 a.m. to 9 p.m., Eastern Time.

Category: Health DataMalware

Post navigation

← 800,000 customers ‘at risk’ over vulnerable Virgin Media router
Airway Oxygen notifies 500,000 patients after ransomware attack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Cyberattack pushes German napkin company into insolvency
  • WMATA Train Operators Arrested in Health Care Fraud Scheme
  • Washington Post investigating cyberattack on journalists, WSJ reports
  • Resource: State Data Breach Notification Laws – June 2025
  • WestJet investigates cyberattack disrupting internal systems
  • Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
  • India: Servers of two city hospitals hacked; police register FIR
  • Ph: Coop Hospital confirms probe into reported cyberattack
  • Slapped wrists for Financial Conduct Authority staff who emailed work data home
  • School Districts Unaware BoardDocs Software Published Their Private Files

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets
  • States sue to block the sale of genetic data collected by DNA testing company 23andMe

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.