Andrews Braces Ransomware Attack Impacts PHI of Around 16,600 Patients


The Sparks, NV orthodontics practice Andrews Braces suffered a ransomware attack on February 14, leading to the encryption of patient data.

The resulting investigation determined that the ransomware was placed on its systems the previous day.

The practice brought in a third-party forensic investigator to assess the scope and extent of the attack and determine whether patient information had been viewed or exfiltrated prior to encryption. While ransomware attacks often involve data theft, the investigation did not locate any evidence of data theft. This appeared to be an automated attack with the sole aim of encrypting data to extort money for its release.

The practice regularly backed up patient data and stored its backups safely, so it was possible to restore the encrypted files without paying the ransom. Data theft is not suspected, but the possibility could not be completely ruled out, so notification letters have been sent to all possibly affected patients.

Andrews Braces has now configured new security solutions and has taken other steps to harden security to prevent further attacks.

EVERSANA Issues Notification Letters to Patients in relation to 2019 Data Breach

EVERSANA, an independent provider of global services to the life sciences sector, has discovered that an unauthorized individual gained access to the email accounts of some of its staff members during 2019.

EVERSANA was made aware of unusual activity in its employees’ accounts and found that the accounts had been accessed by an unauthorized person through a legacy technology environment. The investigation revealed the accounts were infiltrated between April 1 and July 3, 2019.

The accounts held information from a small number of patient services programs. No proof of unauthorized data access was found, but it is possible that the hacker(s) accessed the sensitive information of particular patients. A comprehensive review of the affected accounts concluded in February and confirmed that these data elements were potentially impacted: names, addresses, Social Security numbers, driver’s license numbers, state identification numbers, passport numbers, tax identification numbers, debit/credit card data, financial account information, usernames and passwords, health details, treatment information, diagnoses, supplier names, MRN/patient ID numbers, Medicare/Medicaid data, health insurance information, treatment costs, and/or prescription information.

EVERSANA has addressed the issue with its legacy technology environment and has implemented further safeguards to enhance security. Impacted individuals have now been notified and offered 1 year’s free membership to credit monitoring and identity restoration services.