Pennsylvania Eye Care Facility Suffers Data Breach After Ransomware Attack
May Eye Care Center and Associates, located in Hanover, Pennsylvania recently reported a breach of patient records as a result of a cyber attack. In July 2018, May Eye Care Center suffered a ransomware attack. The unknown ransomware variant infected the eye care center’s server, leaving approximately 30,000 patient files compromised.
The patient data leaked from the attack included names, birth dates, addresses, medical diagnosis, treatment information, insurance data, and any clinical notations.
May Eye Care Center has hired an external forensics team to help investigate. In addition, they contacted the FBI and hired an IT security firm to review and strengthen its security systems and policies.
Although the patients impacted by the data breach have been notified, this process did not take place within the 60-day window required by HIPAA. It remains unclear why the eye care center was not able to meet this deadline.
Other Ransomware Attacks
For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.