Nearly 24,000 patients may have had their protected health information breached in a recent hacking IT incident at Dr. DeLuca & Dr. Marciano Eye Associates, the Prospect, Conn.-based optometry practice reported to HHS' Office for Civil Rights Jan. 25.
Twenty-five of the clinic's computer monitors went unresponsive the morning of Nov. 29 due to a ransomware attack, Citizen's News reports. The hacker may have gained access to 23,578 patients' sensitive data, including names, Social Security numbers and some health information. All affected patients have been notified.
The practice has patient information backed up on a separate system that was not affected in the attack, according to Dr. Deluca. It took the clinic three days to delete everything from the compromised system and transition to the other system.
"At this time, we are not aware of any attempted or actual misuse of anyone's information as a result of the incident," the office said in a statement to Citizen's News Jan. 15. "However, we have sent notification letters to potentially impacted individuals out of an abundance of caution to notify them of this incident and to provide resources to assist them. We sincerely apologize for any inconvenience or concern this incident may cause."
The hackers reportedly wanted $4,000 in ransom, which the clinic did not pay. Dr. Deluca told Citizen's News he had cybersecurity insurance at the time of the attack.