IT vendor pays ransom to recover nearly 30,000 patients' data stolen from California clinic, surgery center 

Harvard Eye Associates and Alicia Surgery Center, both in Laguna Hills, Calif., recently began notifying almost 30,000 patients that their protected health information was exposed in a ransomware attack on their IT vendor. 

Harvard Eye Associates said its online data storage vendor alerted it of the breach on Jan. 15, according to the provider's data breach notice. Hackers accessed the vendor's computer system and stole some of Harvard Eye Associates' patient data. The cyber criminals demanded an undisclosed financial amount in return for the stolen data, which the vendor chose to pay after consulting with the FBI and cybersecurity experts. 

The hackers gave back the data and told the vendor they had not disclosed any information or kept any copies of the records. Harvard Eye Associates reported the breach to HHS Feb. 8 as affecting 29,982 individuals. 

Data taken by the hackers included some of Harvard Eye Associates' patient data as well as information from patients of Alicia Surgery Center in Laguna Hills. Patient health information exposed included names, addresses, birth dates, medical history and health insurance details. 

The hackers also accessed data including certain personal information about current and former employees of Harvard Eye Associates as well as their family members and beneficiaries. 

As a result of the incident, Harvard Eye Associates is offering free credit monitoring and identity theft protection services to any individuals affected. 

More articles on cybersecurity: 
New Mexico hospital's computer network hacked
Facebook stops collection of user health data after New York investigation
CIS rolls out free ransomware protection service for private hospitals

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars