Sarah Coble of infosecurity-magazine.com reports that the Sonoma Valley Hospital notified 67,000 patients that their personal data may have been exposed in a cyber-attack. The attack on the network happened in October of 2020, and Coble quotes “by what is believed to be a Russian threat actor.” The hospital experienced a ransomware attack which has been one of many such attacks on hospitals this year. The attack was apparently discovered on the day it occurred and the hospital IT staff took measures to shut down systems to minimize damage to the hospital network and devices. The hospital hired an external information technology and forensics company to assist the hospital cybersecurity team in conducting the examination and review of their systems. The external company advised the hospital not to pay the ransom demanded by the attackers and the hospital followed the advice of the company.
The forensic examination revealed that the criminals conducting the attack “could have accessed information including patients’ names, addresses, dates of birth, insurer group numbers, and subscriber numbers” writes Coble. Additionally, Coble includes that the forensic examination showed that other details such as “diagnosis or procedure codes, date of service, place of service, amount of claim, and secondary payer information” could have been accessed as well. It is reported that the analysis of the systems did not seem to indicate that patient financial information such as credit card info or social security numbers were accessed.
Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology