10 May 2017
Although no ransom was demanded, it has been determined that San Antonio-based ABCD Children’s Pediatrics’ patient records were compromised in two ways: the Dharma virus, which is in the same family as Crisis ransomware, and by suspicious user accounts on ABCD’s network.
It’s believed that the sensitive information of 55,447 patients was stolen. This includes names, social security numbers, billing information, birth dates, addresses, and phone numbers, along with more private information like lab results and medical records.
This information is extremely valuable on the dark web for nefarious acts that include tax fraud and identity theft.
After removing the virus and restoring data through backups then determining that no data was lost, ABCD’s IT team contacted the FBI for further investigation and are offering their compromised patients free credit monitoring.