- A medical diagnostics center in California has suffered a ransomware attack that may have breached internal data.
- The accessible information concerns patient details, both PII and private medical data.
- The company claims that the hackers haven't stolen anything, but nothing is certain.
The Stockdale Radiology medical diagnostics and analysis center is circulating notices of a data breach to its patients. As it seems, the company has fallen victim to a ransomware attack on January 17, 2020, with the network intruders managing to access locally stored patient data. This was determined on January 29, 2020, when the internal investigation was concluded, and both the FBI and the California data protection officer were informed immediately. The firm clarifies that, while the data was accessible, there is no indication they have been exposed, misused, or exfiltrated.
The investigation, which was conducted with the help of FBI agents, revealed that the data types involved in this incident include full patient names, home addresses, and sensitive personal information such as healthcare logs, doctor's notes, and their social security numbers (SSNs). This type of information would put the exposed individuals at many risks, including phishing, scamming, and extortion, as malicious actors are looking to exploit anything they can. However, the fact that there were no email addresses or telephone numbers involved makes this breach somewhat different than the usual, as the actors would have to act through the more traditional post.
Stockdale Radiology says they immediately shut down the compromised system and contracted a cyber-security expert to help them figure out exactly what had happened. In this context, they have already implemented additional security measures that would prevent such incidents from happening again in the future. They have also partnered with Kroll to offer a full year of credit monitoring services to their customers, covering all of the associated costs. Besides credit monitoring, people will also get identity theft restoration services if needed, and will also receive fraud consultation training. If you are one of Stockdale Radiology's clients, you should register for these services by following the instructions enclosed in the notification letter.
While it seems that no data has been compromised as a result of this ransomware attack, treating these incidents as breaches and informing the authorities is mandatory. The loss of data control is the equivalent of a breach, and a ransomware attack is precisely that according to the Health Insurance Portability and Accountability Act (HIPPA). That said, beware of the risks involved and be careful with any unsolicited communications that you may receive in the following months or even years. Even if there's no indication that the ransomware actors stole any data from Stockdale Radiology's computers, this possibility cannot be ruled out.