Sandhills Medical Foundation notified patients that an external cloud vendor underwent a ransomware attack, exposing patients' personal information, according to a news release.
On Jan. 8, the vendor informed the Jefferson, S.C.-based practice that it had experienced a ransomware attack. Cyberattackers used compromised credentials to access the vendor's system Sept. 23, 2020.
The attackers accessed Sandhills' system on Nov. 15 and extracted Sandhills' data before the ransomware attack was launched on Dec. 3.
Sandhill determined Social Security numbers, driver's license numbers and birth dates were among information that was affected. Medical records, bank account numbers and credit card numbers were not affected. The vendor paid the ransom and was assured copies of the patient data were deleted.