Florida Orthopedic Institute hit by ransomware
Florida Orthopedic Institute has notified the California Attorney General’s Office of a ransomware attack on April 6.
Their notification does not indicate what type of ransomware was involved, or whether they paid any ransom.
They are offering their patients identity monitoring services with Kroll, but note that they have no evidence that any patient data has been misused. So far, it doesn’t sound like their investigation has been able to determine with any real confidence whether patient data was accessed or exfiltrated. But patient data types that may have been compromised include the patients’ name, date of birth, Social Security number, medical information related to appointment times, physician locations, diagnosis codes, and payment amounts, insurance plan, identification number, payer identification number, claims address, and/or FOI claims history .
You can read the template notification here. At the time of this publication, there does not appear to be any notice on their website.