Ransomware Attack Impacts 107,000 Ferguson Medical Group Patients

Saint Francis Healthcare System has revealed that the computer network of Ferguson Medical Group has been hit by a ransomware attack.

The attack took place on September 21, 2019, before Saint Francis Medical Center purchased the Sikeston, MO-based medical group. Saint Francis Healthcare became aware of the ransomware attack on September 21.

A notice published on the Saint Francis Healthcare website, the hackers succeeded in encrypting medical records of all patients who had been treated at Ferguson Medical Group prior to January 1, 2019. The incident was made known to the Federal Bureau of Investigation and steps were swiftly taken to isolate the impacted systems.

The hackers demanded payment of a ransom for the keys to decrypt files on the network. Since there was no guarantee that the hackers were able to provide working decryption keys and due to other uncertainties, the decision was taken not to pay and to instead rescue files from backups.

While many files were rescued, some information could not be restored and has been forever lost. It was not possible to recover any documentation that had been scanned and saved on its databases, and medical records for patients who were given services at Ferguson Medical Group between September 20, 2018 and December 31, 2018 were also forever lost.

A review of the attack uncovered no proof to suggest the attackers obtained files including the protected health information of patients prior to encryption and there have been no reports received to suggest any patent data has been improperly used. However, since it is not possible to rule out unauthorized data access and theft, impacted patients have been offered complimentary credit monitoring and identity theft protection services.

The incident has been published on the Department of Health and Human Services’ Office for Civil Rights breach website. The breach summary shows that 107,054 Ferguson Medical Group patients have been impacted. It is not yet known how many of those patients have had some or all of their health information lost due to the attack.

Author: Security News