Cyber Incident Victim: Oceansview Optical
Date: Jun 2022
Location: United States of America
Summary
Oceansview Optical experienced a ransomware attack that encrypted portions of its database and corrupted external hard drives and backup servers, forcing a temporary shift to paper records during system restoration. The organization did not pay the ransom and could not recover encrypted data spanning over a year due to inaccessible backups, though a copy was retained for potential future decryption. While the primary intent appeared to be data disruption rather than theft, exfiltration of sensitive patient information—including names, contact details, insurance data, medical diagnoses, prescriptions, and eyewear orders—could not be definitively ruled out.
Description
On October 8, 2022, Oceansview Optical in Sebastian, FL, detected a ransomware attack when its office software abruptly shut down. An investigation confirmed that portions of its database had been encrypted using Venus ransomware. The attack corrupted two external hard drives and the backup server, eliminating immediate options for data restoration. This forced the practice to operate using paper charts for nine days while systems were rebuilt. Oceansview Optical did not pay the ransom demand. Without functional backups, encrypted data spanning from July 2021 to October 8, 2022, remained inaccessible. A copy of the encrypted database was preserved in hopes that a future decryptor for Venus ransomware might enable recovery.

Jennifer L Loar OD, representing Oceansview Optical, stated the primary intent of the attack appeared to be data corruption to disrupt operations, though data exfiltration could not be definitively ruled out. The compromised database contained patient names, nicknames, addresses, phone numbers, email addresses, birth dates, ethnicity, preferred language, insurance details, diagnoses, medications, medication allergies, medical reports, and eyeglass and contact lens orders. No specific evidence confirmed data theft occurred. The incident necessitated a temporary return to manual record-keeping during system restoration, impacting operational continuity. Oceansview Optical retained the encrypted data for potential future decryption but did not disclose whether external cybersecurity support was engaged or if regulatory authorities were notified.
