Officials, ultimately, decided to pay the undisclosed ransom to continue supporting local community-based services and living programs. Berry Family Services believes the cybercriminals were seeking to extort money rather than gain access to patients’ sensitive information.
The ransomware attack also encrypted 1,751 patients’ information. Patient data that could have been exposed in the ransomware attack included names, addresses, dates of birth, Social Security numbers, medical insurance information and related health information.
Berry Family Services is unaware of any evidence that the information has been misused. However, the organization is offering affected patients one year of credit monitoring and identity theft protection services. The company has also taken steps to improve its cybersecurity so a similar incident does not happen again.
More articles on cybersecurity:
58% of CISOs say weathering a breach makes them more attractive to potential employers: report
Hacking, IT incidents caused most August data breaches
Wyoming health system halts patient admissions after ransomware attack
