Cyber Incident Victim: Atlantic Digestive Specialists
Date:
Feb 2017
Location:
United States of America
Summary
A ransomware attack compromised systems at Atlantic Digestive Specialists, potentially exposing patient information including names, dates of birth, addresses, medical record numbers, health insurance details, clinical data, and for some individuals, Social Security numbers. The organization found no evidence of actual or attempted misuse of the affected data but initiated notifications to potentially impacted individuals, offering complimentary credit monitoring and identity theft protection services for one year. They established a dedicated call center and advised vigilance regarding suspicious activity while directing affected parties to resources for fraud prevention and credit reporting. Forensic investigators assisted in determining the incident's scope and remediation efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Atlantic Digestive Specialists (ADS) detected a ransomware infection impacting their systems on February 20, 2017. Forensic analysis determined the ransomware first affected systems on or around February 18, 2017. ADS successfully removed the ransomware from compromised systems by February 22, 2017. The organization engaged third-party forensic investigators to determine the full scope and nature of the incident, though the investigation remained ongoing at the time of public disclosure. While ADS found no evidence of actual or attempted misuse of patient information resulting from the breach, the compromised systems contained sensitive personal and medical data. This included patient names, dates of birth, addresses, telephone numbers, medical record numbers, health insurance details, and clinical or diagnostic information. For a subset of affected individuals, Social Security numbers were also present on the impacted systems. The ransomware incident created potential risks of identity theft or fraud for patients due to the exposure of these data elements.
ADS initiated patient notification efforts on April 21, 2017, mailing letters to individuals potentially affected by the breach. The organization offered complimentary credit monitoring and identity theft protection services for one year to mitigate potential harm. Notification materials provided detailed guidance on fraud prevention, including instructions to review account statements, monitor credit reports, and scrutinize explanation of benefits forms for unauthorized activity. Patients received specific contact information for the three major credit bureaus—Equifax, Experian, and TransUnion—along with Federal Trade Commission resources regarding identity theft protections such as fraud alerts and security freezes. ADS established a dedicated call center operational Monday through Friday from 9 a.m. to 9 p.m. EST, reachable at 888-757-1875, to address patient inquiries. Additional protective measures and incident updates were published on the organization's website at atlanticdigestive.com. ADS advised individuals to report suspected identity theft incidents to law enforcement or their state Attorney General's office while continuing their forensic investigation into the ransomware attack's origins and full impact.