San Andreas Regional Center in San Jose, CA has started notifying patients that their PHI may have been compromised in a July 2021 ransomware attack.
On July 5, its networks and servers were taken out of action as a result of the attack. Steps were rapidly taken to remediate the attack and third-party computer forensics experts were engaged to investigate the breach, determine how access to its systems was gained, and to discover the extent to which patient data had been affected.
The initial investigation into the ransomware attack was concluded on August 2, 2021, when it was confirmed that the attackers had gained access to parts of the network where patients’ protected health information was stored and certain files stored on its servers that contained patient data had been exfiltrated by the attackers prior to the use of ransomware. It was not possible to determine any specific patient information that was stolen by the attackers.
At the time of issuing notification letters to affected patients, San Andreas Regional Center had not identified any instances of attempted or actual misuse of patient data. A review of all files accessible to the attackers confirmed the following types of patient data were potentially compromised in the attack: First and last names, addresses, dates of birth, telephone numbers, Social Security numbers, email addresses, health plan beneficiary numbers, health insurance information, full-face photos, and or comparable images, UCI (unique identifying number or code generated by SARC for patients), medical information, diagnoses, disability codes, and other certificate/license numbers.
Policies and procedures are being updated, employees have received further cybersecurity training, and additional cybersecurity safeguards are being implemented to strengthen security. Complimentary credit monitoring and identity theft protection services are being offered to affected individuals.
The breach has been reported to the HHS’ Office for Civil Rights but the incident is not yet showing on the OCR breach portal, so it is currently unclear how many patients have been affected.
The post San Andreas Regional Center Victim of Ransomware Attack appeared first on HIPAA Journal.