AUSTIN (KXAN) — An Austin health provider is admitting they fell victim to a ransomware attack and that patient information was breached because of it.
Urology Austin said the attack happened on Jan. 22 and within minutes they were alerted and able to shutdown the network the data was on.
Investigators determined that the breach impacted patient information, including names, addresses, dates of birth, Social Security numbers, and medical information. The company tells KXAN they don’t believe any actual information was taken or will be misused, however, they’ve alerted 200,000 patients affected out of an abundance of caution. They were required by law to alert patients, because the breach affected more than 500 people.
Gregg Philipson says he almost threw the letter away because he hasn’t been a patient at Urology Austin for more than 20 years.
“No one wants to be worried about identity theft,” said Philipson. “It’s a bit surprising, in the sense, with all the intrusion software that’s available today that this would be happening at this level.”
Now Philipson is spending time on the phone with his credit card company and other resources available to protect customer’s information.
“I think companies, small businesses and doctor’s organizations have to be more vigilant about protecting our data as citizens,” said Philipson. “And not providing us with unnecessary stress in addition to going to a doctor.”
The government says ransomware attacks like this are going up, about 4,000 a day since early 2016. Criminals break into an organization’s system and encrypt the data, demanding a ransom to unlock it.
Urology Austin says they did not pay a ransom, and were able to restore patient information from a backup. Since the attack they say they’ve taken steps to improve their network and system security.
Urology Austin leaders established a toll-free line to have questions answered about the impact of the breach. The call center is available Monday through Friday from 8 a.m. to 5 p.m. and can be reached at 1-800-877-2611.
In April 2015, the Seton Family of Hospitals were hit by a phishing attack; 39,000 patients were affected in that breach.
If you believe you’ve been a victim of identity theft, the attorney general of Texas provides information on what steps to take. You can also take steps to prevent identity theft from happening to you.