Vendor ransomware attack exposes patient information at South Carolina practice

Sandhills Medical Foundation notified patients that an external cloud vendor underwent a ransomware attack, exposing patients' personal information, according to a news release. 

On Jan. 8, the vendor informed the Jefferson, S.C.-based practice that it had experienced a ransomware attack. Cyberattackers used compromised credentials to access the vendor's system Sept. 23, 2020. 

The attackers accessed Sandhills' system on Nov. 15 and extracted Sandhills' data before the ransomware attack was launched on Dec. 3.

Sandhill determined Social Security numbers, driver's license numbers and birth dates were among information that was affected. Medical records, bank account numbers and credit card numbers were not affected. The vendor paid the ransom and was assured copies of the patient data were deleted.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars