Cove Family and Sports Medicine Data Breach (2017)

On April 14, 2017, Cove Medicine’s computer system was infected by a ransomware virus that encrypted its electronic medical software containing patients’ medical records. The ransomware demanded monetary payment from Cove Medicine in order to decrypt the files and allow the practice to regain access to them. The encrypted medical records contained patient information, including names, dates of birth, social security numbers, addresses, patient identification numbers, prescription information, diagnosis information, procedure information, and time and date of treatment. Cove Medicine did not pay the ransom to the cyber criminals, but instead removed the virus by reinstalling the operating system on its server and then restoring the majority of its patient records from backup copies. The backup records, however, were partially encrypted as well and the practice currently has not been able to restore its internal notes for visits that have occurred in approximately the past two years. Cove Medicine believes it will be able to restore all other treatment records, and that this will not impair its ability to provide care to its patients. Subsequent scans of the practice’s computer system have shown no additional indications of the ransomware. Cove Medicine’s investigation of the incident also has not shown any indication of exfiltration of patient records by the ransomware virus or any other unauthorized access to its computer system. However, out of an abundance of caution and because of its commitment to data security and privacy, Cove Medicine has notified all patients about the incident.