Blue Springs Family Care notifies 44,979 patients after ransomware attack
Blue Springs Family Care in Missouri reported a ransomware incident to HHS this month that affected 44979 patients. HHS’s breach tool does not indicate whether a hack involves ransomware, but BSCF issued a notice on their website that indicates that on May 12, their computer vendor determine that the system had suffered a ransomware attack.
The notification does not indicate what type of ransomware or what the ransom demand was. Nor does it explain how the ransomware was injected into the system (notifications are not required to include such information, but those of us who track breaches would always love to know). Intriguingly, the notification includes a statement that “The investigation found indications that unauthorized persons had compromised the Blue Springs computer system and loaded a variety of malware programs, including the encryption program responsible for the ransomware attack.”
The incident has already been reported to HHS and appears on HHS’s breach tool.