Ransomware hits Redwood Eye Center affecting 16,000 patient records

[The AchieVer]

• Redwood Eye Center has notified the California Attorney General’s Office of a ransomware attack on their EMR hosting vendor, IT Lighthouse on September 20, 2018.
• The attack may have compromised the data of 16,055 patients’ names, date of birth, addresses, medical treatments details, and health insurance information.

On 19 September 2018, California-based Redwood Eye Center discovered that its third-party hosting vendor EMR, which stores and hosts medical records, has suffered a ransomware attack. The ransomware has encrypted 16,055 patients’ data including names, date of birth, addresses, medical treatments details, and health insurance information.

The Redwood Eye Center has notified the California Attorney General’s Office about the ransomware attack on their EMR hosting vendor, IT Lighthouse on September 20, 2018. They have also notified the 16,055 affected patients regarding the ransomware attack.

What were the preventive measures taken?

Redwood Eye Center closely worked with the third-party vendor and a digital forensics firm to investigate the incident. Redwood also consulted a specialized medical software vendor to investigate the incident and regain access to the encrypted data.

The healthcare center said that it has taken steps to prevent such incidents from arising in the future by enhancing the security of patient information. It has also taken steps to change its medical record hosting vendor.

 

Source