A ransomware attack forced the permanent closure of Alpha Wellness and Alpha Medical Centre, a physician practice based in Alpharetta, Ga., on April 18, The HIPAA Journal reported July 21.
What happened?
- On Feb. 3, the practice detected unusual network activity and launched an internal investigation. Third-party cybersecurity experts confirmed the incident was a ransomware attack and determined that the data of 1,714 patients had been exposed.
- The stolen data included names, addresses, email addresses, phone numbers, health insurance details and medical appointment information. As of the notification date, there was no evidence that the data had been misused.
- The attack was attributed to the RansomHub ransomware group, which posted Alpha Wellness and Alpha Medical Centre on its dark web leak site and shared samples of the stolen data. RansomHub ceased operations March 3.
“We are deeply saddened to share that Alpha Medical Centre has been the victim of a serious cybersecurity attack. As a result of this criminal act and its devastating impact, we have no choice but to close the practice. Our last day seeing patients will be Friday, April 18,” a notice on the practice’s website read. “Thank you for allowing us to serve you and the Alpharetta community for the past 12-plus years. We wish you all the best of health moving forward.”
