Ransomware temporarily throttles Seattle rehab clinic chain

Peoples Injury Network Northwest has notified patients that a ransomware attack may have jeopardized their protected health information.

Three servers at Peoples Injury Network Northwest (PINN) were infected with ransomware on April 22, and security executives at the seven-clinic rehabilitation chain in the Seattle metro area discovered the attack the next day. The organization took the servers offline and restored most of the data from backups.

PINN retained computer forensics firm ID Experts to determine the scope of the attack. While the firm did not find evidence that personal information was compromised the possibility could not be ruled out, affected individuals were told. Data at risk could include names, addresses, dates of birth, driver’s license numbers and diagnosis information. PINN noted that it is not aware of any ongoing threat to its network environment.

PINN-stock-CROP.jpg

Through ID Experts, PINN is offering credit monitoring and identity theft protection services to all affected individuals.

The organization did not divulge the number of affected individuals or how long they would have access to protective services. The number of affected individuals soon will be transmitted to the HHS Office for Civil Rights breach notification dashboard. It is unclear if a ransom was paid.

For reprint and licensing requests for this article, click here.