A ransomware attack on a Grand Haven, Mich.-based North Ottawa Community Health System's vendor may have compromised data from an estimated 15,000 patients, the Grand Haven Tribune reports.
The NOCHS patient records affected included information such as names, addresses, Social Security numbers, insurance contact information and medical account numbers.
Wolverine Solutions Group, a medical billing company, released a statement on North Ottawa Community Health System's website detailing the cyberattack. The vendor became aware of the attack Sept. 23, 2018. NOCHS was first notified Dec. 10, 2018. WSG brought in a third-party IT security company to investigate the extent of the breach. The security firm concluded the goal of the attack was to encrypt files to extort a ransom and that no personal data was taken from WSG's servers, according to the company's statement.
On Feb. 5, WSG told the health system 15,000 patients' records from April to September 2018 were potentially affected, according to the Grand Haven Tribune.
NOCHS patients affected by the breach have received notification letters from WSG, a health system spokesperson told the Grand Haven Tribune. The company is also providing free identity protection and credit monitoring services for affected patients throughout the next year.
Editor's note: The ransomware attack on WSG also affected Health Alliance Plan; Blue Cross Blue Shield of Michigan; Grand Blanc, Mich.-based McLaren Healthcare; Three Rivers (Mich.) Health; North Ottawa Community Health System in Grand Haven, Mich.; Warren (Pa.) General Hospital and UPMC Kane.