Ransomware Attack on Wolfe Eye Clinic Exposes Data of 500k Patients
An Unauthorized Third-Party Attempted to Access the Company’s Computer Network and Then Restricted Access to Several Systems and Information.
In February 2021, the Wolfe Eye Clinic suffered a ransomware attack that led to the access and potential theft of private information belonging to almost 500k current and former patients. According to the clinic representatives, the threat actors demanded a ransom, but it was not paid.
Even if the cyberattack took place in February, the complexity and full scope of the incident were not realized until May 28.
Wolfe Eye Clinic is a recognized diagnostic and surgical center offering the broadest range of professional care in the specialties of ophthalmology and optometry. With nearly 50 physicians and more than 40 locations served throughout Iowa, Wolfe Eye Clinic provides expert eye care and convenience to all its patients.
The security team detected an unauthorized third party trying to gain access to the network on February 8 and immediately started to secure the network. An external IT security and analyst was hired to help with a forensic review into the extent of the incident, which did not conclude until June 8.
500k of Sensitive Data Accessed in the Wolfe Eye Clinic Cyberattack
The investigation revealed that the private data of 500,000 former and current patients may have been accessed during the cyberattack. The company said that have not been reports of identity theft, but that it is notifying all potentially affected individuals “out of an abundance of caution.”
The clinic operator declared it had discovered that sensitive data such as names, mailing addresses, dates of birth, and Social Security numbers may have been accessed during the attack.
For some patients, the accessed data included protected medical and health information.
Wolfe Eye Clinic did not disclose how the threat actor managed to access its systems or the impact the ransomware had on its ability to function, nor did it describe the recovery process following the attack.
Wolfe Eye Clinic said it is taking measures to prevent a similar incident from happening again by implementing extra safeguards and enhancing its security. All the affected individuals will receive one year of identity monitoring at no cost.
Luke Bland, the organization’s CFO declared:
We take our responsibility to protect personal information in our control very seriously and apologize for any concern or inconvenience this may cause.
We continue to closely monitor the situation and are committed to notifying past and present patients about what happened and what they can do to protect their information.
Unfortunately, the Wolfe Eye Clinic is not the only healthcare provider in dealing with cybersecurity incidents.
Earlier this month, Reuters reported that the U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism.
Unfortunately, these types of cyberattacks have become all-too-common for the healthcare sector. Bland declared that they are aware of the importance of this incident and took rapid steps in order to address the issue.
The FBI keeps saying that paying ransoms encourages ransomware cybercriminals to conduct even more attacks.
The agency says the ransom payment doesn’t guarantee the victim will get a functional decryptor or that threat actors will follow through on commitments to restore or wipe out the stolen data.