Yesterday, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about an incident that occurred last year. From their release:
What Happened?
On December 30, 2020, We learned that an unauthorized actor who attempted to deploy ransomware to encrypt our systems copied some files from our system, including files that contain limited patient and employee personal Information. Upon learning of this, We shut down our systems, changed passwords, alerted law enforcement, and retained national privacy and security experts.
They “learned” on December 30, but when did the attack first occur? Was is that day or weeks earlier or months earlier or…? It sounds like they already knew about the attempted encryption attack but then at some later date, discovered that data had been exfiltrated and upped their incident response to deal with that. They also write:
We are not aware of any fraud or misuse of any of the Information as a result of this Incident. The actor who took the copy has advised that the Information is destroyed and was not shared.
So they paid ransom, it seems, without directly saying that they paid ransom.
DataBreaches.net attempted to contact PracticeFirst at the email address on their web site. That email address does not work.
The incident does not currently appear on HHS’s public breach tool.
You can read the full press release on PracticeFirst’s web site.