Professional Dermatology Care in Reston, Va., is notifying patients unauthorized parties from outside the U.S. may have compromised patient data in a ransomware attack.
The office learned June 27 that patient data had been encrypted via ransomware, and the hackers may have accessed patient data between June 19 and June 27. "PDC, P.C. believes the criminals' motive was to extract money from the company in order to de-encrypt data, rather than for the misuse of patient data," according to the notification.
Potentially accessed information may have included patient names, addresses, birth dates, Social Security numbers, Medicare numbers and medical and billing records.
PDC said it is not aware of any patient data being misused by an unauthorized individual.
The security incident affected 13,237 patient records, according to HHS' Breach Portal.
More articles on data breaches:
Banner Health cyberattack brings layered security strategy into focus
Company issuing health plan ID cards hit with data breach affecting 3.3M
Oregon State Hospital reports breach after clinician texts patient medical data