Magnolia Pediatrics of Marin

A ransomware attack on an unknown IT vendor was reported to Magnolia Paediatrics, which also informed more than 12,000 other patients.

A security problem was detected by Magnolia Paediatrics.

Their IT partner, LaCompuTech, reportedly conducted an investigation and informed them that only the Master Boot Record had been breached and that no patient data had been accessed.

Magnolia Paediatrics claims that LaCompuTech informed them that there was no need to notify the patients as this was not a HIPAA breach.

Because anyone with the capacity to encrypt the MBR had access to the whole server and all of the protected health information on it, it was determined that this occurrence should have been reported.

Source: https://www.databreaches.net/magnolia-pediatrics-notifies-patients-of-a-security-incident-after-ocr-tells-them-its-reportable/

"id": "MAG8819523",
"linkid": "magnolia-pediatrics-of-marin",
"type": "Ransomware",
"date": "10/2020",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"