DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Women’s Health Group of Pennsylvania Notifies 300,000 Patients of Ransomware Attack

Posted on July 26, 2017 by Dissent

Mitch Blacher and David Chang report:

A data breach at one of Pennsylvania’s largest health networks has sparked safety concerns and questions regarding why it took several months for patients to be notified.

The Women’s Health Care Group of Pennsylvania, which is based in Oaks, Pennsylvania but has 45 offices serving women in Montgomery, Chester and Delaware Counties, sent a letter to patients this month informing them that hackers had stolen their information. That information included patient names, birth dates, social security numbers, pregnancy histories, blood type information and medical diagnoses.

Read more on NBC.

The following notice, posted on Women’s Health Group’s site on July 18, indicates that this was a ransomware attack:

Notice of Security Breach Incident

Posted: July 18, 2017

On May 16, 2017, we discovered that a server and workstation located at one of our practice locations had been infected by a virus designed to block access to system files. Upon discovering the virus, we immediately removed the infected server and workstation from our network and began an investigation with the assistance of an expert computer forensics team to determine how the virus made it onto our systems and the extent to which the virus may have affected any of our data. Local Federal Bureau of Investigation authorities were contacted and a report was filed.

As part of our investigation, we learned that external hackers gained access to our systems, as far back as January 2017, through a security vulnerability. We also believe the virus was propagated through this vulnerability. Although this security vulnerability allowed access to limited patient information and the virus encrypted certain files, we have been unable to determine if any specific information was actually acquired or viewed in connection with this incident. In addition, the encrypted files were promptly restored from our back-up server and the incident had no effect on our ability to continue to provide patient care nor was any information lost.

The types of files that could have been accessed may have included information about a patient’s name, address, date of birth, Social Security number, lab tests ordered and lab results, telephone number, gender, pregnancy status, medical record number, blood type, race, employer, insurance information, diagnosis, and physician’s name. No driver’s license, credit card or other financial information was stored in any files on the infected server.

Individuals whose information may have been affected by this incident will receive a letter informing them of this incident, with instructions on steps they can take to receive free credit monitoring and identity theft protection services for a year. We recommend these individuals review all financial account information closely and report any fraudulent activity or suspected incident or identity theft. We have set up a call center with a toll-free help line for individuals who have questions about this incident. The phone number is (877) 534-7033. The call center is staffed weekdays Monday through Friday from 9:00 AM to 9:00 PM (EST) and Saturday and Sunday from 11:00 AM to 8:00 PM (EST)

We sincerely regret any concerns or inconvenience this incident may cause our patients. Maintaining the integrity and confidentiality of our patients’ personal information is very important to us and we are conducting a comprehensive internal review of our information security practices and procedures to help prevent such events in the future.

Update: When this incident appeared on HHS’s breach tool, it was reported as impacting 300,000 patients.

Category: Health DataMalwareOf NoteU.S.

Post navigation

← UK: The National Crime Agency is sending hackers to rehab
Nanocore Coder Pleads Guilty to Aiding and Abetting Hackers →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.