Redwood Eye Center

They are known as Redwood Eye Center (also REC, Redwood Eye Care), headquartered in the United States. They provide eye care services and maintain patient medical records, including personal identifiers, health insurance details, and treatment information. As a healthcare provider, they are responsible for safeguarding protected health information.

On September 19, 2018, Redwood Eye Center experienced a ransomware attack that compromised a third-party vendor hosting its medical records. The attack encrypted approximately 16,000 patient records containing names, addresses, dates of birth, health insurance details, and treatment information. The organization engaged forensic specialists and a medical software vendor to investigate the incident and restore access to the encrypted data. Investigators noted no evidence of data exfiltration, attributing this to the nature of the ransomware attack. In response, Redwood Eye Center notified affected California residents and relevant authorities about the breach. Concurrently, the center initiated a transition to a new hosting provider that implemented enhanced security measures. This sequence of actions reflects the organization's approach to incident response, regulatory compliance, and efforts to strengthen its data protection posture.