Cyber Incident Victim: Randleman Eye Center

Date: Jan 2020

Location: United States of America

Summary

Randleman Eye Center experienced unauthorized system access via malware that encrypted files containing patient protected health information, potentially including names, dates of birth, gender, and retinal images. Although no evidence confirmed that data was exfiltrated in addition to being encrypted, the organization engaged forensic experts to investigate, implemented containment measures, and offered affected individuals complimentary credit monitoring services as a precautionary response.

Description

On January 13, 2020, Randleman Eye Center discovered unauthorized access to its systems involving malware introduced by an unknown third party on or around January 10, 2020. The malware encrypted files stored on a server containing protected health information, potentially compromising patient data including first and last names, dates of birth, genders, and digital retinal images. While the organization found no conclusive evidence that personal information was exfiltrated in addition to being encrypted, it acknowledged that the possibility could not be entirely eliminated. The incident specifically affected systems hosting patient records, though the exact number of impacted individuals was not disclosed. The encryption rendered affected files inaccessible during the attack period, disrupting normal operations. The center did not identify the specific malware variant or the initial attack vector in its public statement.

Randleman Eye Center engaged a third-party forensics firm to investigate the incident's scope and origin while implementing containment measures to prevent further unauthorized access. As a precautionary measure, the organization offered one year of complimentary credit monitoring services to potentially affected patients, despite lacking evidence of data misuse. Patients were advised to monitor financial accounts and credit reports for suspicious activity, with instructions to report concerns to financial institutions, law enforcement, state attorneys general, and the Federal Trade Commission. The center emphasized ongoing efforts to strengthen security protocols against future incidents but did not disclose specific technical or procedural changes implemented. No ransomware demands or threat actor communications were referenced in the public disclosure. The incident notification was distributed via press release to BusinessWire on January 13, 2020, coinciding with direct patient communications where contact information was available.
