Rehoboth McKinley Christian Health Care Services (RMCHCS) has contacted patients to make them aware of a ransomware attack that hit the organization during February 2021 which may have compromised their protected health information (PHI). The breach has been reported to the HHS’ Office for Civil Rights as affecting 207,195 individuals.
It was discovered that Conti ransomware hackers conducted the attack in February and stole a range of sensitive data including job application details, background review information, staff reports, and the PHI of patients. Some of the PHI that was taken was made accessible on the Conti data leak site. This was done to try and force the hand of the healthcare provider into paying the requested ransom. While the data has been removed from the leak site, it remains unknown if the ransom was paid.
Following the discovery of the data data breach, on February 16 2021, RMCHSC contracted the services of an external computer forensics company to look in to the cyberattack. During this review it was discovered that the hackers stole the data at some point in time between January 21 and February 5, 2021.
HIPAA breach notification letters started to be sent to affected individuals on April 30, 2021. The PHI potentially accessed or obtained varied from individual to individual, and may have included the following data elements:
- Names
- Addresses
- Telephone numbers
- Birth dates
- Appointment details
- Social security information
- Driver’s license data
- Password credentials
- Tribal ID numbers
- Health insurance info
- Medical record
- Provider information
- Diagnoses details
- Treatment notes
- Prescriptions
- Financial information
- Billing and claims data
As a precautionary measure, free identity monitoring and restoration services have been provided to those individuals impacted by the data breach and RMCHCS said it has enhanced its systems to protect against attacks by cybercriminals, and has bolstered its monitoring capabilities.