Ransomware Hits Virginia Clinic
A Virginia dermatology clinic notified 13,237 patients this month of a breach of protected health information (PHI) in the wake of a ransomware attack.
On June 27, Professional Dermatology Care, P.C. (PDC, P.C.) in Reston, Virginia, discovered evidence that unauthorized third parties accessed and obtained PHI beginning June 19, the practice said in a statement. Patients’ files were encrypted by the ransomware but it is not clear whether PDC, P.C. paid a ransom to regain access to the files.
Affected files may have contained:
- Billing information
- Dates of birth
- Medical information
- Medicare numbers
- Social Security numbers
The clinic contacted the FBI and is preparing breach reports for HHS and the Virginia attorney general.
PDC, P.C. is offering identity protection and repair services and advises patients to review their credit reports, credit card statements, and other financial or health accounts.