DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MN: American Baptist Homes of the Midwest notifies patients and residents of ransomware incident

Posted on May 7, 2019 by Dissent

May 6, 2019

Re: Notification of Security Incident

Dear Sir or Madam,

We are writing to let you know about an information security incident that could potentially affect the confidentiality of your personal information. Please be assured we have taken every step necessary to address this incident and we are committed to fully protecting all of the information you have entrusted to us. We want to be as transparent as we can about this incident and share what additional steps you can take to guard against potential fraud and identity theft.

At this time, there is no evidence that the unauthorized party retrieved your information or used any of your information for malicious purposes. We are bringing this incident to your attention in an abundance of caution so you can take any action necessary to reduce the potential for harm.

Background
On or about March 10, 2019, American Baptist Homes of the Midwest (“ABHM”) became a victim of a cybersecurity incident. The incident occurred when an unauthorized party gained access to ABHM’s computer system and infected the system with malware. The malware encrypted many of ABHM’s records, which made them inaccessible, in an effort to extort money. This is commonly known as ransomware. We discovered the malware very shortly after it encrypted our records on March 10th and were able to stop the incident and secure the affected accounts

What Information may have been accessed
Although the incident did not impact our clinical and billing system, it affected company emails and general file systems. Due to the nature of the computer servers and the information stored on them, the unauthorized party may have had access to names and addresses of individuals whose data was maintained by ABHM. Other information, including, social security numbers, medical information (such as diagnosis, lab results and medications) and financial information may also have been included in what the unauthorized party was able to see. The following ABHM locations were affected:

  • Thorne Crest Senior Living, Albert Lea, MN
  • Tudor Oaks Senior Living, Muskego, WI
  • Elm Crest Senior Living, Harlan, IA
  • Health Center at Franklin Park, Denver, CO
  • Maple Crest Health Center, Omaha, NE
  • Mountain Vista Senior Living, Wheat Ridge, CO
  • Trail Ridge Senior Living, Sioux Falls, SD
  • Crest Services- Albert Lea, MN, Cedar Rapids, IA, Des Moines, IA, Harlan, IA, Ottumwa, IA, Chariton, IA

It appears that your information may have been accessible to the unauthorized party. However, at this time ABHM has no evidence that any resident information was retrieved or misused in any way.

What we are doing to protect you
ABHM acted quickly to address the issue and was able to recover and regain control of the files and end the incident after only a few hours.

We engaged a data forensics firm to ensure all systems were free of malware and assist in the backup recovery of our systems. In addition to addressing the immediate issue, ABHM has adopted further safeguards going forward. ABHM brought in a third-party security expert to perform an in-depth security risk assessment, enhanced its technological security requirements (for example, we strengthened password requirements and implemented electronic procedures that terminate access to ABHM systems after a series of failed attempts) and engaged a 24/7 security monitoring system to safeguard and protect all ABHM data. ABHM has also informed law enforcement and the Office for Civil Rights at the U.S. Department of Health and Human Services.

What you can do to protect yourself

You can read more on their site. This is another instance of not offering patients any credit monitoring services.

No related posts.

Category: Health DataMalwareU.S.

Post navigation

← FBI has seized Deep Dot Web and arrested its administrators
Hackers Withdraw 7,000 Bitcoins in Binance Crypto Exchange Security Breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.