On September 11, 2018, Maffi Clinics in Arizona joined the ranks of those attacked by ransomware. From their notification letter (see below), it appears that the clinic was prepared and quickly implemented their incident response plan. The consulting firm promptly identified the unauthorized access point and terminated it; isolated and removed the ransomware; and restored…
Category: Malware
Delaware Guidance Services notifies 50,000 parents and guardians after ransomware incident
On February 26, Delaware Guidance Services for Children and Youth, Inc. (“DGS”) sent a letter to parents and guardians of their young patients. The letter explained that on December 25, 2018, DGS had become the victim of a ransomware attack that had locked up the patient records. Those records contained personal information, such as name,…
Pharmacy benefits management vendor discloses ransomware incident
Direct Scripts, a pharmacy benefit management service provider in Ohio, recently notified more than 9,300 patients after discovering that they had been the victim of a ransomware attack. Direct Scripts became aware of the attack on January 30, and immediately launched an investigation to determine what had happened and if any patient protected health information…
Rural Jackson County, Ga., recovering from Ryuk ransomware attack after paying $400,000 ransom
On March 6, Benjamin Freed reported: Computer systems in rural Jackson County, Georgia, were knocked offline over the weekend after being hit with a ransomware virus. The entire county government’s email system is offline, and some departments, including law enforcement, have had to resort to conducting their operations entirely on paper. “Everything we have is…
To protect the health and well-being of patients scheduled for surgery, Columbia Surgical Specialists paid ransom
DataBreaches.net has received a statement from Columbia Surgical Specialists in Spokane about the ransomware incident that they recently reported to HHS as impacting up to 400,000 patients. Subsequent and ongoing investigation suggests that the number affected may be substantially lower. According to the statement sent to this site, the practice became aware of the attack…
Update on Columbia Surgical Specialists of Spokane HIPAA incident affecting 400,000 patients
On February 18, 2019, Columbia Surgical Specialists of Spokane notified HHS of a breach impacting 400,000 patients. The incident was coded as a network/IT incident involving data on the network server. DataBreaches.net reached out to the entity for additional details concerning what we hypothesized was a ransomware attack. But despite two phone calls to the…