Florida OB-GYN practice hit with ransomware, affecting files dating back to 2007

Julie Spitzer -

Faben Obstetrics and Gynecology in Jacksonville, Fla., reported a ransomware attack affecting 6,092 patients to HHS' Office for Civil Rights.

Five things to know:

1. A ransomware variant known as GrandCrab infected computer systems at the practice in November, encrypting files created between January 2007 and April 10, 2017.

2. While most records were backed up and have been restored, certain records were not recoverable. Faben confirmed that the ransomware did not access or view the contents of any of its files.

3. The records Faben could not recover included files that staff had scanned into patient medical records between Sept. 11, 2014, and April 20, 2017, such as blood sugar logs, blood pressure logs, Family and Medical Leave Act documentation and paper medical records that patients provided to the organization.

4. Faben is notifying all patients seen between Sept. 2014 and April 2017, comprising about 6,092 individuals, about the breach, according to HHS' OCR breach portal.

5. "Since the infected files were encrypted but not exfiltrated, there is no increased risk of identity theft, nor is there an increased risk that a third party may view your protected health information at this time as a result of the ransomware attack," Faben wrote in a notice posted on the practice's website. It is recommending patients maintain copies of all paper records they have brought to Faben concerning their care as a precaution.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.