Cyber Incident Victim: Coastal Cape Fear Eye Associates

On December 5, 2017, Coastal Cape Fear Eye Associates (CCFEA) discovered a ransomware attack compromising a file within their computer system. The malicious code rendered certain electronic files inaccessible, despite existing security measures implemented by CCFEA and their IT consultant. The organization immediately engaged independent IT professionals, who quarantined and removed the ransomware from the impacted file. However, CCFEA remained unable to access the encrypted data for an extended period, delaying their ability to assess the scope of compromised information and identify affected patients. The investigation ultimately confirmed the ransomware attack compromised files containing patient records, though no evidence indicated data exfiltration or removal from the system.

The compromised data included patient names, addresses, dates of birth, phone numbers, Social Security Numbers, insurance card numbers, driver’s license numbers, email addresses, ethnicities, emergency contacts, medical histories, medications, legal documents, diagnosis records, physician notes, medical diagrams, and billing and payment histories. Scanned copies of Medicare cards, insurance cards, and driver’s licenses were also affected. CCFEA began notifying impacted patients by mail starting February 1, 2018, when they reported the breach affecting 925 individuals to the U.S. Department of Health and Human Services. The organization pledged to file reports with the North Carolina Department of Justice and HHS while continuing its investigation. CCFEA’s IT professionals concurrently worked to implement additional security measures to prevent future attacks, and patients were directed to contact Dee Smith at 910-762-0057 for further inquiries.