Eye clinic hack leaks medical records of thousand of past and present patients

Confidential information of more than half a million patients at Wolf Eye Clinic, an eye clinic in Iowa, USA would have been compromised due to a devastating ransomware attack. The company confirmed that no ransom was paid to the hackers. The compromised records include confidential details like full names, email addresses, Social Security numbers, birth dates, among other details.

Additional details about the ransomware variant used by the attackers or the amount of the ransom demanded are currently unknown.

The company also issued a statement to release some details: “Last February 8, 2021, Wolfe Eye Clinic was the target of a cybersecurity incident that involved an unauthorized access to our computer network. After the detection, we moved quickly to secure our network environment and launched a thorough investigation. We take the privacy and protection of patient and employee information very seriously, so we sincerely apologize and regret any inconvenience this incident may cause”.

Company executives announced their plan to notify all affected patients, as their information could have been compromised. Wolfe Eye Clinic mentioned that it will offer a year of credit monitoring services and protection against attempted identity fraud.

Luke Bland, chief financial officer at Wolfe Eye Clinic, says the company has already hired a team of specialists to analyze the incident, admitting that user data could have been affected.

Still, Bland was unoptimistic about the possibilities for preventing these attacks: “Cybersecurity incidents have become all too common, especially for health care companies around the world.” The company also enabled a call center for users to report any possible new incidents.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.