The Mayfield Clinic of Cincinnati patients received an email in February that contained a malevolent attachment which transferred ransomware onto their machines. The entrance on the HHS’ OCR infringement portal shows 23,341 patients received the email, even though it’s unclear how many of email receivers opened the malevolent attachment as well as infected their machines.
A person who got access to a databank possessed by one of Mayfield’s sellers sent the email. That seller was hired to send out announcements, invitations, newsletters, and academic information through email to website contacts, business associates, event attendees, patients, as well as other supports of Mayfield.
The emails were dispatched on February 23, 2016, and contained the theme line “Essential Info: invoice 11471.” Unsealing the accompanying file activated the transfer of ransomware – malicious computer software which encrypts records stopping them from accessing. Then the victims are informed they should pay a buyback to get the key to open the encryption.
The person who accessed the email databank was able to access email addresses only. No personal information, Social Security numbers or medical data was accessed. A list of emails only was supplied to the vendor.
The security break was swiftly known letting Mayfield warn a lot of people on the email list within 24 hours. Mayfield displayed a security notice on its website in a conspicuous place and transmitted announcements through social media. Two days later, an email update was also dispatched, a press release was published, and letters were dispatched to impacted persons. The email account utilized to send the malevolent email has been made inaccessible in order to avoid additional access.
The security break triggered an inquiry and assessment of procedures and policies and Mayfield has consulted with its seller to make sure that analogous events are avoided in the time to come.
Mayfield also utilized a computer virus safety service to decide whether the email and the enclosed file had a virus. All receivers of the malevolent email have now been transmitted a linkage which they can use up to download software to get rid of the ransomware infection.