Salem (Ore.) Clinic and the Oregon Heart Center in Salem began notifying patients Jan. 19 that their protected health information was exposed during a May 2019 ransomware attack targeting their mailing service provider.
In a Jan. 19 notice from Metro Presort, the Portland-based printing and mailing processing business said the breach affected 20,928 patients from Salem Clinic and 3,172 patients from Oregon Heart Center. Some of the patient data exposed included only names and addresses, but other patients' records included health plan identification numbers and treatment information as well.
The ransomware attack involved Ryuk malware, which hackers used to infect Metro Presort's computer servers from May 6-15, 2019, and then demand payment to unlock the servers and information. This made data stored on the servers unusable; Metro Presort said it did not pay the ransom.
At the time of the attack, Metro Presort was processing mailings for 21 healthcare organizations, ranging from marketing materials to statements and invoices. HHS' Office for Civil Rights investigated the breach and on Dec. 31, 2020, ruled that there were no violations of HIPAA.