More than 200,000 patients, providers and employees of Tacoma, Wash.-based MultiCare began receiving notice that their personal info had been exposed in a recent ransomware attack, according to a March 9 news release from MultiCare's medical practice management company.
Woodcreek Provider Services contracts with tech services vendor Netgain Technology, which was hit by ransomware on or about Dec. 2. The attackers had access to personal and/or protected health information of Woodcreek Provider Services employees, providers, applicants, contractors and patients who received services from MultiCare and/or Woodcreek Healthcare, according to the news release.
Information exposed by the ransomware attack includes names, addresses, Social Security numbers, medical record numbers, bank account numbers and medical record disclosure logs.
In a Feb. 17 letter to Washington's state attorney general, Woodcreek Provider Services' external counsel said the organization will provide notification of the HIPAA breach incident to about 210,000 individuals who were affected.
The Ramsey County government in Minnesota was also affected by the Netgain Technology ransomware attack and began notifying 8,700 clients of its family health division on Jan. 29 that their data had been exposed.