DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MA: Medical billing service notifies patients of ransomware incident

Posted on April 24, 2019 by Dissent

Massachusetts-headquartered Doctors’ Management Service, Inc. provides medical billing services to physicians and hospitals. You may never have heard of them, but your hospital or physician might have provided them with your protected health information if your doctor or hospital contracts with them.

This week, DMS sent notice of what they strangely describe as a “recent incident” that impacted their computer system. The incident, which may have exposed patients’  name, address, date of birth, Social Security number, driver’s license number, insurance and Medicare/Medicaid information and numbers, and medical information, including some sensitive diagnostic information, was first detected On December 24, 2018, when they noticed a problem with their network.

An investigation into the problems revealed that encryption malware was affecting the server.   Further investigation revealed that it was the GandCrab ransomware. The initial unauthorized access to the network took place on April 1, 2017 through Remote Desktop Protocol (RDP) on a DMS workstation.

DMS did not pay the ransom and was able to restore from backup.

But attackers had access to the network beginning on April 1, 2017 and the ransomware was first detected some time after December 14, 2018?  I wouldn’t call that a “recent incident.”

DMS’s notification, signed by their CEO, Timothy DiBona, emphasizes that the investigation did not uncover any evidence of unauthorized access to, use of, or exfiltration of any patient data.

This incident, which DMS is reporting to HHS, affected patients from a number of their provider-clients.  The following is a list of affected entities:

Anjum Baqai Associates
Arcangel Neurological Consultants
AT Care PLLC
AUM Healing Center
Bell Mental Health Associates
Beverly Surgical Associates
Bhealthy Primary Care
First Choice Community Medical Services
Holy Family Medical Specialty
Lowell General Inpatient Specialists
NE Pulmonary & Sleep
New England Inpatient Specialists
New England Pulmonary & Sleep Specialists
Today’s Wellness PLLC
Incare LLC
Pricipes Medical Group
Joseph Schwartz PLLC
Neuro Institutue of New England
New England Reconstructive & Aesthetic
Northwoods Surgical, PLLC
Pathways Healthcare LLC
Peaceful Soul
Personalized Medicine
Pinnacle Medical Group
Post Acute Cardiology
Precision Surgical Specialists of Lowell
Premiere Care
Saxony Primary Care PLLC
Sports Medicine Health LLC
Surgical Group of Norwood
The Wholeness Center
Theresa M Smith Practice
Thompson Medical Associates
WLB Rehabilitation Medicine
Heywood Athol Inpatient Specialists PLLC
Winchester Hospital Inpatient Specialists
Dutch Connection LLC
New England Community Medical Services

The notification, does not indicate how many patients are being notified, but describes steps DMS is taking to strengthen its security to prevent a recurrence.

You can read the full notification below.

CON-MT-Notice-of-Data-Security-Incident-for-DMS
Category: Health DataMalwareOf NoteU.S.

Post navigation

← Marcus Hutchins’ plea leaves unsettled whether writing certain types of code is illegal – Ekeland
38 patient records viewed ‘inappropriately’ by St. Boniface Hospital employee →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.