Jacksonville, FL-based North Florida OB-GYN has discovered hackers gained access to certain parts of its computer system containing patients’ personal and health information and deployed a virus that encrypted files.
Upon discovery of the breach on July 27, 2019, networked computer systems were shut down and breach response and recovery procedures were initiated. Third party IT consultants assisted with the investigation and confirmed that parts of its networked computer systems had been subjected to unauthorized access and a virus had been used to encrypted certain files. The investigation revealed its systems had most likely been compromised on or before April 29, 2019.
While system access was confirmed, no evidence of unauthorized data access or theft of personal or medical information was found; however, unauthorized data access and data exfiltration could not be ruled out.
Protected health information potentially compromised in the attack varied from patient to patient and may have include name, demographic information, birth date, driver’s license number, ID card number, Social Security number, health insurance information, employment information, diagnoses, treatment information, and medical images.
Affected individuals have been advised to remain vigilant and review their account statements to check for unauthorized use of their information. It does not appear that affected individuals are being offered credit monitoring and identity theft protection services.
North Florida OB-GYN has been able to recover virtually all files encrypted in the attack. It is unclear whether a ransom demand was issued and paid, or if the files were recovered from backups. North Florida OB-GYN has already taken steps to strengthen security to prevent similar incidents from occurring in the future.
The breach has been reported to the HHS’ Office for Civil Rights and appropriate state authorities. The breach has yet to appear on the OCR breach portal, so it is currently unclear how many patients have ben affected. This post will be updated as and when further information becomes available.
Tomo Drug Testing Discovers Sensitive Information on Drug Testing Subjects Has Been Compromised
Springfield, MO-based Tomo Drug Testing, a provider of drug screening services, has discovered an unauthorized individual has gained access to a database containing the sensitive information of drug screening subjects, including names, Social Security numbers, driver’s license numbers, state identification numbers, and drug test results.
According to a statement released by the company, the database was accessed on April 23, 2019 and May 9, 2019 by an unidentified individual who claimed to have downloaded and removed certain information from the database.
Tomo Drug Testing learned of the breach on April 23, 2019 and launched an investigation into the breach. Forensics experts were called in to determine whether information had been removed or deleted from the database. While it was not possible to determine whether the database had been copied and stolen, certain items were found to have been removed or deleted from the database.
The database appeared to have been accessed using compromised credentials. Upon discovery of the breach, the password and privileges on the account used to access the database were changed. All data has now been migrated to a more secure system and the previous system has now been decommissioned. Tomo Drug Testing is continuing to implement additional security controls to prevent further incidents from occurring in the future.
Determining who was affected and the types of information in the database was a lengthy process. It took until July 1, 2019 to discover all individuals impacted by the breach and obtained up-to-date contact information. A substitute breach notice has been issued to media outlets as it was not possible find contact information for all individuals affected.
Notification letters have now been sent and affected individuals have been offered complimentary credit monitoring and identity theft protection services as a precaution. It is currently unclear how many individuals have been impacted.
The post PHI Potentially Compromised in Cybersecurity Breach at North Florida OB-GYN appeared first on HIPAA Journal.