On August 23, clinic officials at Jones Eye Institute Clinic, a healthcare center in Sioux City, Iowa, discovered a ransomware attack which may have exposed the data of around 40,000 patients. Since the clinic followed the practice of maintaining regular data backups, they were able to recover all encrypted files and didn't pay the ransom demanded by the hackers.
As soon as the attack occurred, the clinic hired a cybersecurity expert and notified the Federal Bureau of Investigation (FBI). The investigation revealed that the virus was loaded on the computer systems on August 22. This means that hackers would have had the ability to access patient information contained in billing and scheduling software. The attack may have compromised the information of patients registered or treated at the clinic between January 1, 2003 and August 23, 2018.
The compromised information includes full names, addresses, dates of birth, dates of service, medical record numbers, and general descriptions of the clinic visit or surgery. Some individuals' Social Security numbers, insurance statuses, and claim information may have also been compromised. Sensitive information like bank account or credit card details were not affected. There have been no reports that the stolen information has been misused.
All affected patients were notified and given instructions on how to avoid fraud. As a gesture of goodwill, the clinic has offered to pay for one year of credit monitoring services for the affected individuals.
Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.
While Jones Eye Institute Clinic was able to recover data using backups, a ransomware detection tool could have helped the clinic avoid the attack altogether. Here are some best practices you can adopt to prevent ransomware.
ManageEngine DataSecurity Plus can automatically identify and mitigate ransomware threats. Without any manual intervention, the tool will immediately:
Start your free, 30-day trial today.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.