DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MN: American Baptist Homes of the Midwest notifies patients and residents of ransomware incident

Posted on May 7, 2019 by Dissent

May 6, 2019

Re: Notification of Security Incident

Dear Sir or Madam,

We are writing to let you know about an information security incident that could potentially affect the confidentiality of your personal information. Please be assured we have taken every step necessary to address this incident and we are committed to fully protecting all of the information you have entrusted to us. We want to be as transparent as we can about this incident and share what additional steps you can take to guard against potential fraud and identity theft.

At this time, there is no evidence that the unauthorized party retrieved your information or used any of your information for malicious purposes. We are bringing this incident to your attention in an abundance of caution so you can take any action necessary to reduce the potential for harm.

Background
On or about March 10, 2019, American Baptist Homes of the Midwest (“ABHM”) became a victim of a cybersecurity incident. The incident occurred when an unauthorized party gained access to ABHM’s computer system and infected the system with malware. The malware encrypted many of ABHM’s records, which made them inaccessible, in an effort to extort money. This is commonly known as ransomware. We discovered the malware very shortly after it encrypted our records on March 10th and were able to stop the incident and secure the affected accounts

What Information may have been accessed
Although the incident did not impact our clinical and billing system, it affected company emails and general file systems. Due to the nature of the computer servers and the information stored on them, the unauthorized party may have had access to names and addresses of individuals whose data was maintained by ABHM. Other information, including, social security numbers, medical information (such as diagnosis, lab results and medications) and financial information may also have been included in what the unauthorized party was able to see. The following ABHM locations were affected:

  • Thorne Crest Senior Living, Albert Lea, MN
  • Tudor Oaks Senior Living, Muskego, WI
  • Elm Crest Senior Living, Harlan, IA
  • Health Center at Franklin Park, Denver, CO
  • Maple Crest Health Center, Omaha, NE
  • Mountain Vista Senior Living, Wheat Ridge, CO
  • Trail Ridge Senior Living, Sioux Falls, SD
  • Crest Services- Albert Lea, MN, Cedar Rapids, IA, Des Moines, IA, Harlan, IA, Ottumwa, IA, Chariton, IA

It appears that your information may have been accessible to the unauthorized party. However, at this time ABHM has no evidence that any resident information was retrieved or misused in any way.

What we are doing to protect you
ABHM acted quickly to address the issue and was able to recover and regain control of the files and end the incident after only a few hours.

We engaged a data forensics firm to ensure all systems were free of malware and assist in the backup recovery of our systems. In addition to addressing the immediate issue, ABHM has adopted further safeguards going forward. ABHM brought in a third-party security expert to perform an in-depth security risk assessment, enhanced its technological security requirements (for example, we strengthened password requirements and implemented electronic procedures that terminate access to ABHM systems after a series of failed attempts) and engaged a 24/7 security monitoring system to safeguard and protect all ABHM data. ABHM has also informed law enforcement and the Office for Civil Rights at the U.S. Department of Health and Human Services.

What you can do to protect yourself

You can read more on their site. This is another instance of not offering patients any credit monitoring services.

No related posts.

Category: Health DataMalwareU.S.

Post navigation

← FBI has seized Deep Dot Web and arrested its administrators
Hackers Withdraw 7,000 Bitcoins in Binance Crypto Exchange Security Breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.