Delaware oncology group hit by nearly month-long ransomware attack

Medical Oncology Hematology Consultants discovered the cyberattack on July 7, which may have breached the records of over 19,000 patients.

Delaware-based Medical Oncology Hematology Consultants began notifying patients this week of a ransomware attack that potentially breached the records of 19,203 patients.

The cyberattack was discovered on July 7, but the attack began nearly a month earlier on June 17. Officials said the hackers targeted certain electronic files on the provider’s server and workstation that may have exposed names, dates of birth, phone numbers, health information and treatment data.

“Immediately upon learning the presence of ransomware on our systems, we commenced an investigation to determine the scope, the impact on our systems and the identity of those affected,” officials said in a statement.

All impacted patients are being offered a year of free credit monitoring.

Medical Oncology also hired a third-party forensics team to help the provider recover the data and make sure the ransomware was completely cleared from the system, while determining if the data had been accessed, disclosed, acquired or compromised. The investigation did not find any improper use or access to the patient files, according to officials.

Medical Oncology has taken steps since the attack to bolster its security, by changing network passwords, restoring files from backups, revising document retention policies, providing additional data security training to employees and installing an umbrella web filtering system.

The organization has also implemented a two-factor login authentication system, consolidated servers and systems and reevaluated access privileges. Medical Oncology has also conducted an email phishing test to staff, shown to improve security awareness.