A Dharma ransomware outbreak at a Texas hospital may have led to a customer data breach.
Altus Baytown Hospital and its affiliates and related entities (collectively known as “ABH”) posted a notice of data breach that may have impacted patient personal information.
An excerpt from the ABH breach notice:
“On approximately September 3, 2018, we discovered that an unauthorized party gained access to our computer system and infected the system with malware. The malware encrypted many of ABH’s records (which made them inaccessible to ABH) to extort money from ABH. This is commonly referred to as ‘ransomware.’ Although our electronic health records were not impacted, some of the affected files contained patient information, including patient names, home addresses, dates of birth, social security numbers, driver license numbers, credit card information, phone numbers, and medical information.”
After further investigation, ABH also believes that the impacted records “were simply encrypted and there is currently no indication that the information itself has otherwise been accessed or used by any unauthorized individual.”