California health center ransomware attack affects 65,000

Register now

East Valley Community Health Center, with four locations serving the West Covina region of California, has notified 65,000 patients of a breach of protected health information following a ransomware attack.

“On October 18, an unknown individual logged into an (East Valley Community Health Center) server without authorization and installed Troldesh/Shade malware, encrypting (locking) the files that were stored on the server; this is also known as a ransomware attack,” the organization told patients in the letter.

One of the files held claims information for submitting to health insurers; the local newspaper, the Inland Valley Daily Bulletin, reports that the file, which was among those encrypted, contained information on 65,000 patients.

The organization did not respond to a request for comments or to confirm the newspaper report.

Also See: HIMSS guidance examines new malware, ransom approaches

The organization noted there is no indication that information has been accessed or used, but data that may have been compromised included names, birthdates, addresses, medical record numbers, diagnosis codes and insurance account numbers.

The notification letter does not offer credit and identity protection services; such services typically have not been offered when hackers do not access financial information and Social Security numbers. However, East Valley Community Health Center urges patients to register a fraud alert with credit bureaus.

The organization, which has since contracted with a vendor to maintain all patient health information on an off-site server, told the Inland Valley Daily Bulletin that the information technology department removed the ransomware and restored affected files the day after the ransomware was installed.

For reprint and licensing requests for this article, click here.