Cyber Incident Victim: Dr. DeLuca and Dr. Marciano Eye Associates
Date: Jan 2019
Location: United States of America
Summary
A ransomware attack compromised the data of nearly 24,000 patients at an eye care practice. The organization restored its systems using backups without paying the ransom, and its cyberinsurance policy covered costs associated with notifying affected individuals. The incident was reported to federal health authorities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around January 25, 2019, Dr. DeLuca & Dr. Marciano Eye Associates, a Connecticut-based medical practice, experienced a ransomware attack that encrypted their systems and disrupted operations. The attackers demanded payment to restore access to the compromised data. The practice did not comply with the ransom demand, instead relying on existing backups to restore their systems. This restoration process allowed them to regain operational functionality without negotiating with the threat actors. The incident was reported to the U.S. Department of Health and Human Services (HHS) as affecting 23,578 individuals, indicating the attackers potentially accessed or encrypted protected health information during the breach.

The practice initiated patient notification procedures following the system restoration, issuing formal communications to nearly 24,000 affected individuals. Their cyberinsurance policy covered costs associated with breach notifications and related incident response activities. While the specific ransomware variant and initial attack vector were not publicly disclosed, the incident highlighted the operational resilience provided by maintained backups. No evidence suggested public data leaks or additional malicious activity following the restoration. The attack's primary consequences involved temporary operational disruption, notification obligations, and potential exposure of patient health information, though no long-term data misuse was confirmed in available reports.
