LA provider beats back ransomware attack
Pacific Alliance Medical Center in Los Angeles on June 14 suffered a ransomware attack that encrypted some networked computer systems, but with assistance from a third party, was able to restore its network to full operation.
Pacific Alliance executives say they responded to the attack by immediately shutting down their systems, but with help from a forensics services firm, it was able to recover. It’s now undertaken measures, which it declined to disclose, to prevent future attacks.
The organization also announced that it has notified individuals whose data was stored on servers affected by the ransomware attack.
To date, there is no evidence data was viewed, retrieved, copied or deleted, the medical center said in a patient notification letter. “Typically, this type of computer virus, known as ransomware, is used to deny access to data and disrupt operations in order to extract money from the data owners—and not to steal data. However, this may not always be the case.”
Affected data included patient names, addresses, dates of birth, Social Security numbers, employment information, health insurance data and healthcare information, such as treatment, diagnosis and medical images.
Patients have been offered two years of credit monitoring and identity theft protection services from an undisclosed vendor, as well as receiving additional information on protecting financial accounts and getting free credit reports.
The hospital declined to provide the number of affected individuals and further details about the incident, but is expected to report the scope of the breach to the HHS Office for Civil Rights in the next few weeks, at which time it will be posted on OCR’s public breach web site.