Cochise Eye & Laser Ransomware Attack Impacts Around 100,000 People


A ransomware attack took place on the Sierra Vista, the Arizona-based ophthalmology and optometry supplier Cochise Eye and Laser on January 13, 2021. This attack lead to the encryption of its patient scheduling and billing solutions.

The attack stopped Cochise Eye and Laser from using any data in its scheduling system. Eye care services were still available for patients, with the practice changin gto the use of paper charts. According to a February 17, 2021 breach notice published on its web page, paper charts were still in use as the scheduling system remained out of use.

The official review into the ransomware attack found nothing to suggest any patient data were exfiltrated before the encryption of files; however, data theft could not be eliminated. The range of data that may have been accessed by the hackers included names, dates of birth, addresses, phone numbers and, for some people, Social Security information.

Since the attack took place, Cochise Eye and Laser has been attempting to enhance the security of its systems and is implementing a new offsite backup system. Attempts to recover the encrypted data are ongoing and patient charts will be used to reframe its schedules.

The ransomware attack has been made known to the HHS’ Office for Civil Rights as affecting up to 100,000 clients.

Elsewhere, Petersburg Medical Center in Alaska has revealed that an employee accessed the medical records of certain patients without adequate authorization, when there was no genuine work reason for doing this.

An internal review was begun as soon as the unauthorized access was uncovered, and the clinic was happy that there have been no additional disclosures by the employee and no patient information was taken from the medical center.

After the breach, the medical center took steps to stop the staff member “from accessing any patient records now or in the future.”

It is not known whether the sanctions involved termination. Measures have been implemented to stop any additional privacy breached at the medical center and impacted people have been made aware by mail.