A ransomware assault on a Florida laboratory compromised the personal health information (PHI) of over 30,000 individuals. On May 19, 2021, Nationwide Laboratory Services, situated in Boca Raton, discovered unusual behaviour on its network. An investigation indicated that the attackers had utilised ransomware to encrypt files on the healthcare provider’s network, rendering their contents inaccessible.
A third-party cybersecurity firm was recruited by the lab to investigate the incident and aid with cleanup. Cyber-attackers hacked into parts of Nationwide Laboratory Services’ network that housed patients’ PHI, according to digital forensics.
The perpetrators of the ransomware attack encrypted files including patient data such as names, dates of birth, lab test results, medical record numbers, Medicare numbers, and health insurance information. Nationwide Laboratory Services issued a statement on the security problem, warning that “a small number of individuals had their Social Security numbers affected.”
According to the lab, the cyber-attack did not affect all Nationwide patients. It was also stated that the quantity of data revealed in the event varied per patient. The laboratory added, “Nationwide has no indication that any information was or will be used for any improper purpose.”
On October 28, Nationwide submitted a report about the breach to the Department of Health and Human Services’ Office for Civil Rights. According to the study, up to 33,437 people’s personal information may have been compromised.
Patients who were affected by the ransomware assault were alerted and given advice on how to secure their data. Nationwide warned affected consumers to be on the lookout for indicators of identity theft and to regularly monitor their financial account statements for any illegal activity.
In addition to encrypting an undefined number of Nationwide files, the cyber-criminals behind the laboratory assault may have removed certain data from their victim’s network.
“On May 19, 2021, Nationwide Laboratory Services realized that a ransomware virus had begun encrypting files stored on its network,” the laboratory reported. An unauthorized entity may have deleted a restricted number of files from its system in addition to encrypting them.”