Ransomware attack against California provider breaches data of 85,000 patients

Hackers hit the IT vendor of three Center for Orthopaedic Specialists locations in February, which locked out users and encrypted patient data.
By Jessica Davis
02:27 PM
ransomware attacks

The California-based Center for Orthopaedic Specialists (COS) is notifying 85,000 of its current and former patients that a ransomware attack on its IT vendor may have breached their data.

Hackers launched a ransomware attack on COS computer systems, which impacted three of its locations in West Hills, Simi Valley and Westlake Village on Feb. 24. Hackers had locked down its system and encrypted patient data. 

Once discovered, the Center for Orthopaedic Specialists IT vendor took the system offline in an attempt to limit the damage and implemented preventative measures to prevent a future attack. 

[Also: The biggest healthcare data breaches of 2018 (so far)]

Impacted information includes demographic data, medical records, insurance information and Social Security numbers. Patients are being offered free identity protection services for two years along with protection from a $1 million insurance policy.

The investigation could not rule out whether data was exfiltrated, but officials said it doesn’t appear the hacker was able to do so.

This new ransomware attack is just the latest in a continuing trend of the ever-evolving malware. It pummeled the healthcare sector in the early part of the year, with attacks on Hancock Health that drove the Indiana provider to pen and paper, and the high-profile SamSam attack on EHR vendor Allscripts as well.  

While the Center for Orthopaedic Specialists did not name the IT vendor or reveal the ransomware strain involved, earlier this month the Department of Health and Human Services warned that the SamSam variant is targeting healthcare and “the ransomware risk to the sector is expected to continue for the foreseeable future.”

HHS recommends the use of data backups, along with contingency and business continuity plans to “ensure resilient operations in the event of a ransomware event.”

Healthcare Security Forum

The forum in San Francisco to focus on business-critical information healthcare security pros need June 11-12.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.