California Malware Infection Data Breach Reported

It is not only large healthcare providers being targeted by hackers; the latest malware infection data breach has been reported by a relatively small healthcare provider; the Reeve-Woods Eye Center in California.

Reeve-Woods runs just two clinics – located in Chico and Paradise, CA – but it has been targeted by hackers who have managed to obtain medical files, Social Security numbers, names, telephone numbers insurance details, Medi-Cal IDs, Medicare ID numbers and treatment codes of the eye center’s patients. In total, 30,000 individuals are understood to have been affected by the malware HIPAA breach.

The malware infection data breach was discovered on Wednesday, September 17, 2014 by an IT consultant, who determined that the malicious software had been installed on two of the center’s computers. The active malware took a screenshot of what was being viewed on screen. Whenever records were accessed, the thieves were able to obtain the information held in the files.

After being informed of the malware infection data breach, the center conducted an investigation and the offending software was removed. Only two computers were found to have been affected. The center has now taken steps to secure its systems to prevent further attacks from occurring and the threat has been removed.

As required by the HIPAA Breach Notification Rule, all affected patients were contacted by mail to advise them that their data may have been viewed by unauthorized third parties. Instructions were provided to the victims on how they could monitor their accounts for credit and medical fraud.

A number of California data breaches have been reported in recent months. The state has a poor record of HIPAA data breaches and the situation does not appear to be improving. Last month, Graybill Medical Group suffered a data breach in which 1,863 records were compromised, the University of California Davis Medical Center reported a 1,326-record breach, Cedars-Sinai Health System reported a 33,000-record security breach to the OCR and August saw California Business Associate, Iron Mountain, report a breach involving 49714 records.

The latest data breach should serve as a warning to all covered entities that the threat of attack by cybercriminals is very real. Systems can easily become compromised resulting in the exposure of thousands of individuals’ Protected Health Information. When these attacks occur, they are likely to be investigated by the Office for Civil Rights, and if HIPAA violations are discovered, heavy fines can follow.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of