Oregon medical center EHR encrypted in ransomware attack

Milwaukie, Ore.-based Monterey Health Center announced Oct. 11 that it is notifying patients their protected health information may have been exposed because of a ransomware attack.

Monterey Health Center discovered Aug. 12 that its EMR system had been encrypted because of a ransomware attack. Immediately, the medical center worked to restore access to the records systems so patient care would not be disrupted.

After working with a third-party vendor, Monterey Health Center was able to restore the encrypted data. A forensic investigator confirmed that no data had been removed from the server. However, the medical center was unable to determine if any patient information had been accessed.

Patient data stored in the affected server included names, addresses, driver's licenses, financial account information, Social Security numbers, dates of birth, medical histories, diagnoses/conditions, lab/test results, treatment information, medications, health insurance information and claims information.

"As part of its ongoing commitment to the privacy and security of patient information, [Monterey Health Center] is working to review existing policies and procedures and to implement additional safeguards to further secure the information in its systems," the medical center said in a statement.

More articles on cybersecurity:
8 hospitals, health systems hit by ransomware attacks
Cancer Treatment Centers of America alerts 3,200 patients of data breach
Why cyberattacks can be crippling to smaller hospitals

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers