Missouri family practice warns 45K patients of breach after ransomware attack

Julie Spitzer -

Blue Springs (Mo.) Family Care is notifying 44,979 patients that their protected health information may have been compromised when the practice's computer system was infected with ransomware in May.

The clinic's computer vendor discovered May 12 that an unauthorized third party had broken into the Blue Springs computer system and loaded numerous malware programs, including "the encryption program responsible for the ransomware attack," Blue Springs' notification reads.

While Blue Springs doesn't have any evidence the stolen information has been misused, an investigation into the breach concluded the hackers were able to access all of the clinic's computer systems. Patients' names, addresses, dates of birth, Social Security numbers, account numbers, driver's license numbers, medical diagnoses and disability codes held in the computer systems may have been compromised.

In response to the incident, Blue Springs has deployed a new firewall and is transitioning to a new, unnamed EHR vendor that will encrypt all of its patients' PHI. The clinic recommended all affected individuals place a fraud alert on their credit reports and monitor their reports for suspicious activity.

"We are keenly aware of how important your personal information is to you, and we understand that this situation may pose an inconvenience to you. We sincerely apologize and regret that this situation has occurred," the statement reads.  

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.