Great Plains Health Patient Medical Records Encrypted Due to Ransomware Attack

A ransomware attack on Great Plains Health based in North Platte, NE resulted in the encryption of some patients’ health records.

Great Plains Health discovered the attack at approximately 7pm on November 26. The quick action taken helped lessen the effect on patients, and employees used pen and paper when computer systems were down. IT personnel worked 24/7 to take care of the attack.

Since the attackers were prevented from accessing the medical records, Great Plains Health decided to cancel patients’ non-emergency appointments and a number of medical procedures. Surgical procedures and some imaging procedures continue as usual. The hospital hasn’t announced emergency operations and patients will not be diverted.

The attack additionally affected its phone and email systems, though voicemail is not affected. Employees are reviewing voicemail messages continually and are contacting patients who were unable to complete a phone call.

It is uncertain at this time if the hospital paid the ransom demand or if it restored encrypted medical records from backups. Administrators are not sure how much time the hospital will need to recover but it might take weeks or months.

Even if patient data was encrypted, Great Plains Health is convinced that the attackers did not view or steal any patient information. The only purpose of the ransomware attack seems like extortion of money from Great Plains Health. All systems will be audited to know if there was patient data access or theft.

Phishing Attack at Atria Senior Living

Atria Senior Living, a retirement and assisted living company based in Louisville, Kentucky, reported that an unauthorized person accessed the email accounts of a number of its employees and might have accessed the protected health information (PHI) of some clients.

With the help of a cybersecurity company, Atria Senior living confirmed the compromise of a number of employees’ email accounts, which an unauthorized person accessed on different occasions from September 18 to September 20, 2019.

Atria Senior Living reviewed all impacted email accounts to find out the types of data that were potentially compromised and the clients affected. There was no way to know if the attacker opened or copied the email messages or attachments.

Since it’s not possible to rule out unauthorized data access, affected people were provided free credit monitoring and identity theft protection services for one year.

Atria Senior Living enforced more security controls and safeguards to avoid even more email security breaches. The number of persons affected by the email security breach is uncertain at this time.