Atlanta-based Emory Healthcare has allegedly fallen victim to a ransomware attack, according to security researcher Chris Vickery of MacKeeper Security Research Center.
In a recent , MacKeeper said it found a "misconfigured Mongo database" Dec. 30 that included data on Emory Healthcare patients. The information reportedly includes patients' names, addresses, email addresses and cell phone numbers.
MacKeeper later confirmed the database belonged to Atlanta-based Emory Brain Health Center.
On Jan. 3, MacKeeper's researchers found the database was a victim of the Harak1r1 the 0.2 Bitcoin Ransomware, which "actually takes and removes the victims' data and holds it until the ransom is paid."
Emory Healthcare sent Becker's Hospital Review the following statement: "Emory Healthcare has learned about an incident of unauthorized access to a database that a few of our clinics use to expedite patient flow during appointments. The database is hosted by a third party and is not an internal Emory or Emory Healthcare database. The database contained limited information for approximately 90,000 patients; it did not include Social Security numbers, financial information, or patient medical records, and the incident did not impact medical care. This temporary security intrusion was identified and immediately rectified. Emory is continuing to investigate this situation and will notify involved patients."