Cleveland Medical Associates Notifies Patients of Ransomware Attack

Cleveland Medical Associates, a medical practice group in Cleveland, Tenn., has notified patients of an April ransomware attack on its computer network.

The four-physician primary care clinic recently sent a notice to patients that on April 20, its computer network had been impacted by a ransomware virus, though the attack did not impact the organization’s ability to provide care to patients, officials said. There is also no evidence that patient care was compromised in this incident, they attested. However, the notice was delivered to patients because the clinic was “unable to determine with reasonable certainty whether or not there was unauthorized access of information.”

It has been reported that the notice was sent to some 22,000 patients, though the medical center did not reveal this number in its notice. Following the incident, in addition to implementing a new medical records system and analyzing its security procedures, Cleveland Medical Associates hired a forensic investigation firm to determine the extent of the information potentially affected by the incident. The FBI has also been notified of the incident.

Cleveland Medical Associates said that it takes protecting its patients' information seriously and is offering a year of free credit monitoring to patients potentially affected by the incident.