Hack at Missouri group practice affects records of 170,000 patients

Records of as many as 170,000 individuals could be affected after a cyberattack hit records systems at Ferguson Medical Group.

The medical group is part of Saint Francis Healthcare and operates seven sites around Sikeston, Mo.

FMG Sikeston exterior-CROP.jpg

On September 21, Saint Francis learned that the computer network that Ferguson Medical Group used before it was acquired by Saint Francis Medical Center was attacked the previous day.

All medical records for services provided at Fergunson Medical Group prior to Jan. 1, 2019, were made inaccessible by the attackers, who demanded a ransom payment to regain access to the records.

The organization did not pay the ransom and restored access to medical records via backup files. However, Saint Francis could not restore access to all records from backup information systems. Any records for services provided at Fergunson Medical Group from Sept. 20, 2018, and any documentation that had been scanned into Fergunson’s information systems, regardless of date, could not be restored.

In a patient notification letter, Fergunson executives said they do not believe the attack resulted in disclosure of any patient information to unauthorized third parties.

Now, the organization is advising affected patients of steps to protect themselves and is offering credit monitoring services from First Watch Identity Restoration. “Saint Francis regrets that this incident occurred and is committed to providing quality care and safeguarding personal information,” patients were told. A call center has been established to answer patients’ questions. Additional information was not immediately available.

For reprint and licensing requests for this article, click here.