TX: Ransomware attack targets Seguin Dermatology (updated)
Lynn Brezosky reports:
A Seguin dermatologist on Friday said his office computer system was attacked with ransomware that accessed confidential patient data, including names, social security numbers and billing codes for medical services.
“There was a high likelihood that protected health information (PHI) was accessed,” Dr. Robert Magnon, owner of Seguin Dermatology, said in a press release issued by attorneys Brin & Brin of San Antonio. “Also, it could not be ruled out that confidential information may have been removed from the server.”
Read more on San Antonio Express-News.
The full press release from Seguin Dermatology and Dr. Robert Magnon:
On or around September 12, 2016, Seguin Dermatology, the office of Robert J. Magnon, M.D., suffered a ransomware attack. The ransomware attack resulted in its server being encrypted. Seguin Dermatology was able to remove the ransomware from its server. Subsequently, a forensic examination of the affected server was performed. On or around October 26, 2016, it was concluded that there was a high likelihood that protected health information (PHI) was accessed. Also, it could not be ruled out that confidential information may have been removed from the server. The server did not contain medical records, laboratory reports, credit card information or bank account information. However, the server did contain demographic information to include patient names, addresses, telephone numbers, and dates of birth; insurance billing information; and Current Procedural Technology (CPT) codes. Some patients also had their Social Security Number on the server.
Seguin Dermatology takes the security of PHI very seriously. We immediately contacted an IT company, had the ransomware removed from the server, and investigated whether patient information was affected. Upon learning the results of the forensic investigation, we immediately took steps to notify all affected patients. To prevent this from happening again, we are conducting a review of our physical and computer security, reassessing our office’s policies and procedures, and performing staff training. We continue to monitor the situation and will notify you as necessary.
We have arranged with Equifax Personal Solutions to help protect the identity and credit information of patients who had their Social Security Number affected. Please call (844) 512-9013 Monday through Friday from 9:00 AM to 9:00 PM Eastern Standard Time to determine whether you were affected. Also, if any patient has questions, you can call this same number to speak with a customer service representative about the incident.
Patients also can place a fraud alert on their credit files with the three major credit reporting agencies. A fraud alert is a consumer statement added to one’s credit report. The fraud alert signals creditors to take additional steps to verify one’s identity prior to granting credit. This service can make it more difficult for someone to get credit in one’s name, though it may also delay one’s ability to obtain credit while the agency verifies identity. Patients can contact the three main credit reporting agencies at:
Equifax 1-800-525-6285 www.fraudalerts.equifax.com
Experian 1-888-397-3742 www.experian.com
TransUnion 1-800-680-7289 www.transunion.com
We deeply regret any inconvenience this incident may have caused. If patients have questions, please call (844) 512-9013 Monday through Friday from 9:00 AM to 9:00 PM Eastern Standard Time.
Update: This was reported to HHS on Nov. 30 as affecting 29,969.