The eye physician and the Columbus Surgery Center in Columbus got affected due to Ransomware attack that caused the loss of PHI of about 10,000 patients. The date on which the Ransomware attack occurred was 7th October 2017. They found a number of files were encrypted from the servers by the virus known as Ransomware. The attackers issues the Ransomed demand that was not paid. All the encrypted files were restored from the backup media to check the services offered to the patients.
For this purpose, they call the 3rd party professionals to help them in the investigation for the Ransomware attack to check either the attackers have accessed the data, copied the whole data, viewed and saved it. The investigation include the way by which they accessed the server and they installed Ransomware.
According to the report of the investigation, they did not find any evidence that the PHI of the patients were stolen, but the accessed data can’t be stored with high confidence. After checking the rules of HIPAA, the incident was reported to the Department of Health and Human Services’ Office. After the breach was highlighted, the patients were informed for it. They informed the patients with the help of emails. According to the eye physicians, the breach involved the information of the patients like the name, the imagery, SSN, date of birth and much more.
The results of the attack caused the management to contact the IT security professional so that the comprehensive risk can be assessed and they can upgrade the hardware and the software to avoid such incidents in future. It is thought that such incidents can be controlled in future by improving the security. The accident affected 7,721 individuals of Surgery Center in Columbus and 2,620 individuals of the Eye physicians, according to the report.