Longs Peak Family Practice in Longmont, Colorado. Credit: Google Maps
Hackers hit Colorado-based Longs Peak Family Practice with ransomware on November 5 and once again with a second cyberattack on November 10.
The Longmont provider discovered the first "suspicious activity" on its network and determined a hacker was in the system. After launching an investigation, its team was unable to secure the network before the hacker executed malicious ransomware code onto the system.
Officials said certain files were encrypted by the virus, but they were able to rebuild and restore system files from a separate, secure backup.
Then the investigation found a second hack into the network within a week -- separate from the ransomware incident. Investigators promptly hired a forensic computer firm to help with the investigation and restoration, which concluded on Dec. 5.
Investigators found unauthorized access to its system on three separate occasions.
"We didn't find evidence of any patient files being opened on the computers," officials said in a statement. "Because some of the software installed by the hackers could have been used to download computer files and some files were encrypted, we can't be sure health information wasn't compromised."
The potentially compromised files contained patient identification numbers, Social Security numbers, dates of birth, addresses, phone numbers, email addresses, insurance information, driver's licenses, dates of services, clinical data and copies of provider notes. No financial data was contained in the files.
Longs Peak has since changed network access privileges and upgraded its firewall. Officials said they are currently analyzing network monitoring tools and procedures to prevent future attacks. Further, the provider is reinforcing and retraining its workforce.
Both hacking incidents were reported to law enforcement. The breach has not yet been added to the U.S. Department of Health and Human Services' Office of Civil Rights' breach reporting tool. All impacted patients are being offered a year of free credit monitoring.