DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

VPN Solutions LLC suffered a ransomware attack two months ago. Some clients still can’t access patient data hosted on the service.

Posted on December 29, 2021 by Dissent

It appears that a ransomware incident involving VPN Solutions LLC may have  affected a number of covered entities, although so far, DataBreaches.net has only identified two confirmed cases:

Surgery Group SC

On December 17, Surgery Group SC in Illinois notified HHS about an incident impacting 500 patients. DataBreaches.net interprets that 500 number as a marker in situations in which the entity may not yet have figured out how many have actually been affected.  That does seem to be the case in this incident.

According to a notice on Surgery Group SC’s website, they were notified of a data security incident experienced by VPN Solutions LLC (“VPN”). Surgery Group’s vendor, Physicians Healthcare Solutions, LLC (PHS) uses VPN to host its databases — databases that contain the personal and protected health information of patients.

Surgery Group was notified of the incident on October 31. Surgery Group’s notice does not indicate when the attack occurred, but they note that VPN hosts and maintains the practice management and EHR platform that they use. Those records include patients’ clinical, demographic, and financial and claims information such as amounts of charges and payment history.

VPN Solutions’ home page says “Our unique approach ensures secure and HIPAA compliant access to your health records 24.7.365.”

Access 24.7.365 does not appear to be the current situation, because Surgery Group reports:

The data security incident experienced by VPN resulted in the unavailability of the personal information of Surgery Group’s patients. […]  Despite numerous, repeated requests from PHS and Surgery Group, VPN has not restored the VPN Platform and has been unable to provide Surgery Group with a date by when the VPN Platform will be restored and fully functional. VPN has indicated that it currently does not believe that any of Surgery Group’s patient information has been viewed or acquired by an unauthorized party.

Due to the unavailability of the VPN Platform that contains patient contact information, Surgery Group is unable to notify its patients of the incident by mail. Patients with questions may call Surgery Group at (630) 208-7874 between 9:00 a.m. and 5:00 p.m. CST, Monday, Tuesday, and Thursday, and between 9:00 a.m. and 4:00 p.m. CST, Wednesday and Friday.

Apple Blossom Family Practice

Apple Blossom Family Practice in Virginia issued an identical notice on their website. Their report to HHS on December 16 also seemed to use a 500 marker report.

There does not seem to be any notice on the vendor’s website at this time, and DataBreaches.net was unable to find any dedicated leak site that listed an attack on VPN Solutions.  DataBreaches.net reached out to VPN Solutions via email to ask for more details, but no reply was immediately forthcoming. This post will be updated if or when more information becomes available.

 

Category: Health DataMalwareOf NoteSubcontractorU.S.

Post navigation

← Virtual Care Provider Sues Rivals, Alleging Data Theft, Patent Violation
Pk: Hackers steal, put up for sale Khyber Pakhtunkhwa police data →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.