Ransomware attack against Florida provider affects nearly 60,000 individuals
Bruce L. Boros, MD, PA, DBA Advanced Urgent Care, a healthcare provider in Key West, Florida, on November 6 reported a security breach that affected 58,823 individuals, according the Office for Civil Rights (OCR) breach report.
In a security notice, Advanced Urgent Care described a March 1 ransomware attack that encrypted files stored on a backup drive. After an extensive forensic investigation, Advanced Urgent Care discovered on September 11 that the impacted backup drive data contained protected health information and personal information, including the following:
- Bank account information
- Credit or debit card information
- Dates of birth
- Driver’s license numbers
- Health insurance information
- Lab results
- Medical diagnostic information
- Medicare or Medicaid beneficiary numbers
- Medical record numbers
- Medical treatment information
- Military and/or veteran administration numbers
- Signatures
- Social security numbers
The Advanced Urgent Care electronic health system was not impacted by the attack.
Following discovery of the attack, Advanced Urgent Care took steps to secure its network and improve internal procedures to identify and resolve future threats. Advanced Urgent Care notified impacted individuals and recommended that these individuals remain vigilant in reviewing financial account statements on a regular basis to check for fraudulent activity. Individuals whose social security numbers were impacted have been offered complimentary credit monitoring.