Malware attack in MN county puts data of 118K patients at risk

Register now

A 2018 malware attack of a Minnesota county has snowballed in its effect, now apparently affecting the medical information of nearly 118,000 patients.

The county, home to more than half a million residents with St. Paul as its county seat, said the information was put at risk when employees’ email accounts were breached.

The incursion was first noticed in August 2018, when a malware attack was identified, with the apparent goal of diverting the paychecks of 26 employees.

This past May, the county reported that limited amounts of health information were in a breached employee email account related to a child and teen checkup program and administrative support for the St. Paul-Ramsey County Public Health Department.

The county sent a first group of notices to 4,500 potentially impacted patients in December 2018; the county now reports that it estimates that information of 117,905 may have been affected.

Compromised data includes names, addresses, dates of birth, child identification numbers, appointment dates and types, patient master index numbers, household identification numbers and names of authorized representatives.

Officials from the county believe that Social Security numbers, financial, credit card, prescription and diagnosis information was not exposed, and they are not aware of any misuse of health data. However, the officials also note that they do not know whether any of the information was actually viewed.

Following the attack, Ramsey County adopted more robust password protections, installed new technical security measures, improved employee training and revamped its email retention procedures.

While there was no financial information compromised, to help reduce the risk of identity theft, Ramsey County advised affected individuals to frequently review credit reports, credit card statements and other financial account information, and contact credit card companies or financial institutions immediately if unauthorized or suspicious activity is discovered. Individuals also were urged to place a fraud alert on their credit files.

For reprint and licensing requests for this article, click here.