400,000 Patients of Columbia Surgical Specialists of Spokane Affected by Ransomware Attack


Columbia Surgical Specialists of Spokane located in Washington encountered a ransomware attack, which resulted to the potential access of unauthorized persons to the protected health information (PHI) of around 400,000 patients.

The Department of Health and Human Services’ Office for Civil Rights received the security breach report on February 18, 2019 and posted the incident as a hacking/IT incident tat impacted a network server.

The healthcare provider did not publish any breach notice on its website and so the nature and scope of the attack is unclear. The only information obtained was the fact that the incident was a ransomware attack that took place on January 7, 2019.

The healthcare provider recovered the files encrypted by the ransomware from backups and did not pay any ransom. Patients affected by the ransomware will be notified in due time. Additional information about the Columbia Surgical Specialists of Spokane breach will be shared as soon as it is available.

Another ransomware attack was reported by Mary Free Bed Rehabilitation Hospital located in Grand Rapids, MI. Some PHI of 4,755 patients were potentially exposed because of a ransomware attack on Wolverine Solutions Group, the billing service provider of the rehabilitation hospital.

Wolverine Solutions Group was attacked by ransomware on September 25, 2018, but the hospital only got the list of affected patients on February 6, 2019. A number of healthcare clients received notification in November regarding the impact of the breach on their patients. However, the process of file recovery and determining the affected patients took some time. Wolverine Solutions is issuing notifications according to rolling discovery dates.

The ransomware attack impacted the systems of Wolverine Solutions which included the following information: names, addresses, insurance providers’ names and billing numbers. The Social Security number of about 25% of the affected patients were also exposed.

Though there is potential access of PHI, Wolverine Solutions Group thinks that the attacker only wanted a ransom payment. Nevertheless, since it cannot be 100% certain there was no data access/theft, Wolverine Solutions Group offered the affected persons A year of credit monitoring and identity repair services for free.

Wolverine Solutions sent notification letters to all Mary Free Bed Rehabilitation Hospital patients impacted by the breach on March 4, 2019.