Cone Health unable to recover patient data lost in ransomware attack

Greensboro, N.C.-based Cone Health disclosed on Nov. 4 that one of its medical practices was hit by a ransomware attack, leaving patient data unrecoverable.

Alamance Skin Center, a Cone Health practice since 2017, was hit by the ransomware attack in late July. The Burlington, N.C.-based practice’s EHR and servers are separate from Cone Health’s system, so the health system’s network was unaffected.

While no patient data was stolen during the attack, Cone Health determined Oct. 21 that the data involved in the cyberattack couldn’t be recovered. Patients who have an appointment scheduled at Alamance Skin Center are asked to call the practice to confirm their visit.

“While this attack was limited to this single practice, we use this as a learning opportunity across Cone Health,” said Frank Riccardi, vice president and chief compliance and privacy officer at Cone Health. “In fact, I urge everyone to learn from these instances as well. If you get an email asking for information such as passwords or to click to verify something, think twice. These attacks are getting extremely sophisticated. They are targeting families as well as businesses.”

More articles on cybersecurity:
Emotet malware attacks up 1,200% in Q3: 5 things to know
Retailer settles HIPAA violation allegations over improper electronic device disposal: 4 details
Updates on 5 hospital cyberattacks


© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.