article featured image


In February 2021, the Wolfe Eye Clinic suffered a ransomware attack that led to the access and potential theft of private information belonging to almost 500k current and former patients. According to the clinic representatives, the threat actors demanded a ransom, but it was not paid.

Even if the cyberattack took place in February, the complexity and full scope of the incident were not realized until May 28.

Wolfe Eye Clinic is a recognized diagnostic and surgical center offering the broadest range of professional care in the specialties of ophthalmology and optometry. With nearly 50 physicians and more than 40 locations served throughout Iowa, Wolfe Eye Clinic provides expert eye care and convenience to all its patients.

The security team detected an unauthorized third party trying to gain access to the network on February 8 and immediately started to secure the network. An external IT security and analyst was hired to help with a forensic review into the extent of the incident, which did not conclude until June 8.

500k of Sensitive Data Accessed in the Wolfe Eye Clinic Cyberattack

The investigation revealed that the private data of 500,000 former and current patients may have been accessed during the cyberattack. The company said that have not been reports of identity theft, but that it is notifying all potentially affected individuals “out of an abundance of caution.”

The clinic operator declared it had discovered that sensitive data such as names, mailing addresses, dates of birth, and Social Security numbers may have been accessed during the attack.

For some patients, the accessed data included protected medical and health information.

Wolfe Eye Clinic did not disclose how the threat actor managed to access its systems or the impact the ransomware had on its ability to function, nor did it describe the recovery process following the attack.

Wolfe Eye Clinic said it is taking measures to prevent a similar incident from happening again by implementing extra safeguards and enhancing its security. All the affected individuals will receive one year of identity monitoring at no cost.

Luke Bland, the organization’s CFO declared:

We take our responsibility to protect personal information in our control very seriously and apologize for any concern or inconvenience this may cause.

We continue to closely monitor the situation and are committed to notifying past and present patients about what happened and what they can do to protect their information.


Unfortunately, the Wolfe Eye Clinic is not the only healthcare provider in dealing with cybersecurity incidents.

Earlier this month, Reuters reported that the U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism.

Unfortunately, these types of cyberattacks have become all-too-common for the healthcare sector. Bland declared that they are aware of the importance of this incident and took rapid steps in order to address the issue.

The FBI keeps saying that paying ransoms encourages ransomware cybercriminals to conduct even more attacks.

The agency says the ransom payment doesn’t guarantee the victim will get a functional decryptor or that threat actors will follow through on commitments to restore or wipe out the stolen data.

Author Profile

Antonia Din

PR & Video Content Manager

linkedin icon

As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo