A pediatrics practice , ABCD Pediatrics , serving the San Antonio , Texas metropolitan area reported that it was hit with a ransomware attack Attack.Ransom , but existing antivirus software helped to slow down the attack , and the practice 's IT vendor successfully removed the virus and all corrupt data from its servers . However , because hackers may have accessed Attack.Databreach portions of the practice ’ s network , the pediatrics group is offering identity and credit protection services from Equifax Personal Solutions to all of its patients . The pediatrics group , which has four locations , posted a “ HIPAA Notification ” on its website , regarding an incident that may have affected patients ’ protected health information ( PHI ) . The practice stated that the notice was made in compliance with the Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) . Prior to the attack , ABCD Pediatrics had a variety of security measures in place , including network filtering and security monitoring , intrusion detection systems , firewalls , antivirus software , and password protection , according to the organization ’ s statement . On February 6 , 2017 , an employee of ABCD Pediatrics discovered that a virus gained access and began encrypting ABCD ’ s servers . The encryption was slowed significantly by existing antivirus software . Upon discovery , ABCD immediately contacted its IT vendor , and ABCD ’ s servers and computers were promptly moved offline and analyzed . The virus was identified as “ Dharma Ransomware , ” which is a variant of an older ransomware virus called “ CriSiS , ” according to the organization ’ s IT vendor . “ ABCD ’ s IT company reported that these virus strains typically do not exfiltrate Attack.Databreach ( “ remove ” ) data from the server ; however , exfiltration could not be ruled out . Also , during the analysis of ABCD ’ s servers and computers , suspicious user accounts were discovered suggesting that hackers may have accessed Attack.Databreach portions of ABCD ’ s network , ” the organization stated . The IT vendor successfully removed the virus and all corrupt data from its servers , and the practice said that secure backup data stored separately from its servers and computers was not compromised by the incident , and it was used to restore all affected data . According to the organization , no confidential information was lost or destroyed , including PHI , and the practice group never received a ransom demand Attack.Ransom or other communications from unknown persons . In addition to notifying its patients , ABCD notified the FBI and the U.S. Department of Health and Human Services . According to the HHS ’ Office of Civil Rights ’ data breach Attack.Databreach portal , the incident affected 55,447 patients . While the IT vendor found no evidence that confidential information was actually acquired or removed Attack.Databreach from its servers and computers , it could not rule out the possibility that confidential information may have been viewed Attack.Databreach and possibly was acquired Attack.Databreach , according the ABCD Pediatrics ’ statement . Affected information may have included patients ’ names , addresses , telephone numbers , dates of birth , Social Security Numbers , insurance billing information , medical records , and laboratory reports . Following this incident , ABCD ’ s IT vendor located the source of the intrusion and implemented additional security measures , including state of the art cyber monitoring on its network , the organization said . In addition to the identity and credit protection services from Equifax , the pediatrics group recommended that patients also place a fraud alert on their credit files .

The city of North Bend , Ore. , was hit with a ransomware attack Attack.Ransom which temporarily locked out city workers from their computers and databases . “ One weekend morning a few weeks back all of our servers and things locked up , and we received a ransomware note that asked for Attack.Ransom $ 50,000 in Bitcoin these people would provide us with the code to unlock our computer systems , ” North Bend City Administrator Terence O ’ Connor told The World . Fortunately the city ’ s IT systems were backed up and officials were able to avoid the high ransom demanded Attack.Ransom by the criminals responsible for the attack Attack.Ransom . City officials did , however , call in the FBI to investigate the attack and while they were unable to identify anyone directly involved in the attack , they were able to trace the ransom demand Attack.Ransom to Romania . O ’ Connor added that the attack appeared to be a more sophisticated ransomware where there are two keys needed to unlock your system with one planted in the system and the other is held by the culprit . The city was insured and ended up having to pay Attack.Ransom around $ 5,000 in out of pocket expenses as well as added a firewall security to prevent future attacks .