Delaware ransomware attack affects 19,000

Medical Oncology Hematology Consultants, an eight-physician practice in Delaware, on July 7 learned it was the target of a ransomware attack that started in June 17 and affected the server and desktop workstations.

Some 19,203 affected individuals, including some residents of Oregon, are being notified of the breach. The practice is not aware of any unauthorized access, use or disclosure of protected health information, according to the notification letter.

Compromised data included patient names, dates of birth, phone numbers, health information and treatment information.

The practice hired third-party experts to recover affected data and ensure its information systems were no longer subject to ransomware, and then engaged in a comprehensive effort to harden its policies and systems.

Medical Oncology Hematology Consultants-CROP.jpg

Also See: 4 keys to better defend healthcare data against ransomware

“Specifically, we have reset our network passwords, restored our servers from pre-incident backups, reviewed and revised our document retention policies, retained a forensic expert to evaluate the incident, determine the source of the intrusion and recommend additional preventive measures,” the letter to patients noted. In addition, the practice “conducted an email phishing test, provided additional security training to our employees, installed an umbrella web filtering system, implemented a two-factor login authentication system, consolidated our servers and systems to eliminate redundancies and re-evaluated our access privileges.”

Medical Oncology Hematology Consultants also is offering 12 months of free credit monitoring services and identity theft protection from ID Experts, along with a $1 million reimbursement insurance policy and restoration services, according to the practice’s attorney.

The practice is also providing affected individuals with information on protecting their accounts, along with directions on adding a fraud statement to credit files.

For reprint and licensing requests for this article, click here.