Ransomware attacks have recently been reported by four healthcare providers across the country, which have collectively resulted in the exposure and potential theft of the protected health information of more than 49,000 individuals.
Jax Spine & Pain Centers
Jax Spine and Pain Centers in Jacksonville, FL has recently announced it was the victim of a ransomware attack that occurred on January 24, 2022. The attack was conducted on an inactive server that contained records of patients who had visited either its Jacksonville or St. Augustine locations prior to May 2018.
Extend Fertility
Extend Fertility, a New York City fertility clinic, has recently notified 10,373 patients that some of their protected health information has potentially been obtained by unauthorized individuals as a result of a ransomware attack that was detected on December 20, 2022.
Spine Diagnostic & Pain Treatment
Spine Diagnostic & Pain Treatment in Louisiana appears to have been the victim of a Conti ransomware attack. According to Databreaches.net, 3,351 files containing patient information have been uploaded to the Conti gang’s data leak site, which the Conti gang claims represents around 30% of the exfiltrated files. Around 4 GB of data was uploaded to the leak site and the files contained a selection of data including scanned driver’s licenses, patient records, insurance billing information, and other PHI.
La Posada at Park Centre
La Posada at Park Centre, a retirement community in Sahuarita, AZ, has recently notified 812 individuals that some of their protected health information was exposed and potentially compromised in a cyberattack that occurred on December 10, 2021. La Posada said “a software virus” was downloaded onto its systems that prevented staff from accessing files and email. Assisted by third-party forensics experts, La Posada determined on January 24, 2022, that the attackers potentially had access to files that contained patient information.