Fetal Diagnostic Institute of the Pacific

The Fetal Diagnostic Institute of the Pacific (FDIP) operates within the healthcare sector, specifically providing fetal diagnostic services. Based in the United States, FDIP handles sensitive protected health information (PHI) as part of its core medical diagnostic activities. This includes processing patient data such as names, addresses, dates of birth, diagnoses, and account numbers related to fetal health assessments. The organization functions under the regulatory requirements of the Health Insurance Portability and Accountability Act (HIPAA) due to the nature of the patient information it collects and manages during its diagnostic procedures.

In June 2018, FDIP experienced a significant cybersecurity incident involving a ransomware attack that compromised one of its servers. The attack encrypted files, including patient medical records containing PHI for approximately 40,800 individuals. While forensic analysis conducted after the breach found no conclusive evidence that the attackers accessed or exfiltrated the protected health information, the possibility could not be entirely eliminated. Consequently, FDIP treated the event as a reportable HIPAA breach. The compromised data potentially included patient names, addresses, dates of birth, diagnoses, and account numbers, though financial information was reportedly unaffected. FDIP engaged cybersecurity experts to remediate affected systems, eradicate the malware, and restore encrypted files from backups. Following the incident, the organization implemented enhanced security measures. Affected patients were notified about the breach and advised to monitor for suspicious activity, while relevant regulatory authorities were informed. FDIP stated that no lasting system compromises remained and anticipated no patient harm resulting directly from this specific breach.