Protected Health Information of more than 300,000 patients of the physician group named Premier Family Medical at Utah was compromised in a recent ransomware attack. The group confirmed that it suffered a ransomware attack but didn’t disclose the number of patients affected in the attack.
According to the official statement, the incident occurred on July 8, 2019, that barred access to patients’ data and other network systems. The physician group stated that it notified law enforcement authorities about the attack and appointed a technical team to investigate the issue and regain access to its systems and patient data.
“On July 8, 2019, Premier Family Medical (Premier) experienced a ransomware attack from an unknown, unauthorized third party. As a result, Premier was temporarily unable to access data from certain systems within its organization. Premier promptly informed law enforcement and engaged technical consultants to investigate and regain access,” the company said in a statement.
“We love being in the business of caring for patients and understand that includes protecting their health information,” said Robert Edwards, Premier’s chief administrator who oversees Premier’s cybersecurity and privacy programs. “Even though our investigation has found no reason to believe patient information was accessed or taken, we are very concerned that this event even occurred and have taken steps to further enhance the security of our systems.”
Healthcare organizations have become an easy target for attackers, as they hold huge sensitive information of their patients. A recent report revealed that health care organizations suffered the highest number of data breaches in 2018 across any sector of the U.S. economy. According to Beazley Breach Response, a breach response management and information security insurance solutions provider, the healthcare entities have reported the highest number of data breaches, at 41 percent.
The report, dubbed as Beazley Breach Insights Report, stated that direct hacking, the presence of malware, or due to human error were the causes of data breaches in healthcare organizations. The report also revealed the percentage of breaches in other sectors of the economy. The education sector accounted for 10 percent of security issues, financial institutions reported 20 percent of incidents, and professional services represent 13 percent of cases.
