Pacific Alliance Medical Center notifies 266,123 patients of ransomware incident

From their web site, the following breach notification. According to their report to HHS, 266,123 patients were notified.

Notice of Data Breach

At Pacific Alliance Medical Center (PAMC), we understand that the confidentiality and security of medical and personal information is critically important, and we are committed to protecting it.  The purpose of this post is to notify patients and employees of a recent cyber incident that affected PAMC and may have resulted in a compromise of certain electronic files containing medical or personal information.

What Happened

On June 14, 2017, PAMC became aware that certain of its networked computer systems were being affected by a cyber incident.  PAMC suspects that the incident began on or shortly before that date.  Shortly after becoming aware of the issue, PAMC’s Information Technology Department completed a preliminary assessment and determined that certain networked computer systems had been infected by a computer virus that was encrypting (making unreadable) certain files on PAMC’s computer network.  PAMC promptly shut down its networked computer systems, initiated its incident response and recovery procedures, notified the Federal Bureau of Investigation, and began a forensic investigation under the direction of its counsel.  Since then, PAMC has decrypted (made readable again) the affected files and has taken action to restore the affected systems and prevent similar incidents from occurring.

There is no evidence to date that any unauthorized person has actually viewed, retrieved, copied, or deleted any medical or personal information.  Typically, this type of computer virus, known as ransomware, is used to deny access to data and disrupt operations in order to extract money from the data owners—and not to steal data.  However, this may not always be the case, and, therefore, as a precaution, PAMC has sent letters by mail to patients and employees whose medical or personal information may have been on servers affected by the virus.  PAMC has also notified the California Department of Public Health, the California Attorney General and the U.S. Department of Health and Human Services Office for Civil Rights of this incident.

What Information Was Involved

The medical and personal information on the servers affected by the virus included: names, demographic information, dates of birth, Social Security numbers, employment information, health insurance information, and health information, including, for example, treatment, diagnosis, and related information and medical images.

What We Are Doing

We have strengthened our virus detection and other systems and safeguards to prevent unauthorized persons from gaining access to our systems. We have also taken other steps to try to prevent similar incidents in the future.  As an extra precautionary measure, PAMC has provided potentially affected individuals with access to identity theft protection services for two years at no charge.  Instructions for enrolling in credit monitoring were included in the notification letters and can also be obtained by calling the toll-free number listed below.

What You Can Do

PAMC advises patients and employees to remain vigilant by regularly reviewing their account statements, monitoring free credit reports, and reporting to their financial institutions any suspicious activity.  Patients and employees may obtain a free copy of their credit report online at, by calling toll-free 1-877-322-8228, or by mailing an Annual Credit Report Request Form (available at to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281.

For More Information

PAMC has made available a toll-free number for patients and employees to call if they have any questions or wish to obtain additional information, (877) 890-9332.  The hotline operating hours are from 6am to 6pm PST, Monday through Friday, and 8am to 5pm PST, Saturday and Sunday, excluding major holidays.

PAMC takes the confidentiality and security of medical and personal information very seriously and will continue to take steps to prevent a similar incident from occurring in the future.

About the author: Dissent

Comments are closed.