Hospice of San Joaquin discloses ransomware attack
The Hospice of San Joaquin recently notified the California Attorney General’s Office that it had suffered a ransomware attack on July 2.
The notification, signed by Rebecca Burnett, their CEO, states that:
The data accessed may have included personal information such as full name, patient ID number, diagnoses, home address and other sensitive information. Though the malicious software accessed our servers, we do not believe, or have any indication your information has been utilized, disseminated or disclosed to unauthorized parties.
And that’s pretty much the extent of the details provided about the incident, although the web site version includes a sentence that donor and vendor information was not affected by this incident.
Did the hospice pay any ransom? Were they able to restore fully? How many patients had PHI on the server? And what kinds of PII did the patients’ families have on the server, if any? There’s a lot we still don’t know about this incident.