The Fetal Diagnostic Institute of the Pacific in Honolulu is notifying 40,800 patients to a potential data breach after it fell victim to a ransomware attack in June, according to HHS' Office for Civil Rights breach portal.
After discovering the ransomware, FDIP tapped a cybersecurity firm to remove the malicious software and restore its data via backup files.
The cybersecurity firm was unable to determine whether any of the information had been viewed or removed from FDIP's servers, but the cyberattack enabled hackers to access current and former patients' names, dates of birth, home addresses, account numbers, diagnoses or other types of information. FDIP does not store any financial information.
"The cybersecurity firm cleansed FDIP's computer systems, confirmed that no malware remained and implemented additional protections to help avoid any future incidents," a notice on FDIP's website states. "We do not expect that patients will experience any harm from this unauthorized disclosure, and there is no action patients need to take at this time."
FDIP's notice instructs patients who receive any suspicious communications or discover other activities they believe may be related to this event to inform FDIP immediately.