A dental practice in Reno, NV has experienced a ransomware attack that prevented dental records and images from being accessed for five days.
Wager Evans Dental experienced the ransomware attack on October 30, 2017. The malicious software was installed on one computer and one server used by the practice.
Ransomware can be installed in a number of ways, although most commonly attacks occur via email. That appears to be the case with this attack, with the practice suspecting ransomware was downloaded when an employee clicked on a malicious hyperlink or email attachment.
IT staff and other experts were able to restore the encrypted files and remove the ransomware, although the process took five days. Access to patient records and images was not regained until November 4.
The files encrypted by the ransomware contained sensitive information such as names, dates of birth, addresses, diagnoses, treatment plans, images, health insurance information, and Social Security numbers.
A comprehensive investigation of the attack was conducted and while it is possible that data could have been viewed by the attackers, the sole intention of the attack appears to be an attempt to extort money from the practice.
The investigation into the breach is ongoing, although so far there are no indications that the attackers viewed or stole PHI. Since it is not possible to determine with absolute certainty that data access/theft did not occur, all patients have been notified of the attack, and out of an abundance of caution, those individuals have been offered credit monitoring services for one year without cost.
The attack has prompted the practice to enhance its security to prevent similar incidents from occurring in the future. In the breach notification letter, Brian E. Evans, DDS, said “We have retained security experts and made significant upgrades to our network and computer security.