The Sandhills Medical Foundation has notified patients that an external cloud vendor has suffered a ransomware attack, exposing patients’ personal information, according to a press release.
On January 8, the supplier informed the Jefferson, SC-based practice that it had experienced a ransomware attack. The cyber attacks used compromised credentials to access the supplier’s system on September 23, 2020.
Attackers accessed Sandhills’ system on November 15 and extracted data from Sandhills before the ransomware attack was launched on December 3.
Sandhill determined that Social Security numbers, driver’s license numbers and dates of birth were among the affected information. Medical records, bank account numbers and credit card numbers were not affected. The seller paid the ransom and was assured that copies of the patient’s data were deleted.
More cybersecurity articles:
Texas Medicaid subcontractor evicted after data breach
Pittsburgh hospital employee improperly released patient health information, says UPMC
Information from 65,000 Humana members exposed in incidents of hijacking records
© Copyright ASC COMMUNICATIONS 2021. Interested in LINKAR or REPRESSING this content? See our policies by clicking here.