Memphis/ Health & Lifestyle
AI Assisted Icon
Published on March 20, 2024
Ransomware at Regional One Health Exposes Memphis OB/GYN Patients' DataSource: Google Street View

A security breach at Regional One Health may put former OB/GYN patients at risk after their personal health information was compromised, officials have warned. Personal data from a University of Tennessee Health Science Center (UTHSC) affiliated server was apparently exposed following a ransomware attack that hit KMJ Health Solutions Inc., according to a report from Local Memphis. The breach was discovered after a server outage occurred on November 29, 2023, with the attack confirmed later by the host provider, LiquidWeb.

Data on KMJ’s server related to patient visits to Regional One Health span between November 2014 and November 2023, Regional One Health warned, potentially affecting thousands of individuals. The compromised data included sensitivity details such as names, medical record numbers, ages, allergies, diagnoses, laboratory results, and other medical specifics, detailed a report by Ground News. Despite the breach, ROH officials are claiming that no financial information or social security numbers were involved in the incident.

In an attempt to quell concerns, ROH has communicated that the leaked information does not pose "any significant risk of identity theft or harm to their credit" for those potentially impacted. However, they are urging patients to be vigilant and to monitor any unpredictable or suspicious contact from parties claiming to require their personal information, as stated in a report from UTHSC News.

Meanwhile, KMJ Health Solutions is working on bolstering security measures and introducing new protocols to prevent further breaches. "It does not appear that affected patients face any significant risk of identity theft or harm to their credit," ROH added in a statement obtained by Local Memphis, aiming to reassure patients about the relative safety of their financial information. This follows post-breach actions such as server reformatting and hiring a cybersecurity firm to evaluate threats to their systems. Nevertheless, a complete assessment of the damage remains ongoing.