Cyber Incident Victim: Southern Hills Eye Care
Date: Jan 2019
Location: United States of America
Summary
Southern Hills Eye Care experienced a ransomware attack affecting a server, potentially exposing patients' personal and health information, including names, contact details, dates of birth, insurance data, medical records, and Social Security numbers for Medicare recipients. While no evidence indicated unauthorized access or misuse of the compromised information, the organization notified affected individuals, established a dedicated call center for inquiries, and implemented measures to prevent future incidents.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 15, 2019, Southern Hills Eye Care discovered a ransomware attack affecting the server at its Sioux City office, prompting an immediate investigation into potential data exposure. The investigation determined an unknown unauthorized third party may have gained access to the server during the incident, creating risk of exposure for patient records containing names, addresses, phone numbers, dates of birth, insurance information, and health information. Medicare patients faced additional exposure risk for Social Security numbers stored on the compromised system. While the organization confirmed the ransomware encryption event, investigators found no evidence confirming whether attackers actually viewed or extracted patient data from the system prior to encryption. No misuse of patient information had been identified as of the investigation's conclusion.

Southern Hills Eye Care mailed notification letters to potentially affected patients on March 15, 2019 – two months after detecting the incident – describing the nature of the breach and the categories of information at risk. The notification included a toll-free call center (855-255-4839) operational Monday through Friday from 6:00 AM to 6:00 PM Pacific Time for patient inquiries. The organization's response emphasized reinforcing security measures to prevent recurrence, though specific technical or procedural changes were not disclosed publicly. The incident exposed vulnerabilities in protecting sensitive health information, particularly Medicare beneficiaries' Social Security numbers, though no fraudulent activity stemming from the breach was reported. Southern Hills Eye Care publicly expressed regret for patient concerns while maintaining there was no evidence of actual data access or misuse beyond the system compromise itself.
