Colorado-based Allergy, Asthma & Immunology of the Rockies, P.C. (AAIR) has discovered that it became the victim of ransomware. The company realized what had happened on May 16 when it had difficulty accessing documents. A ransom note was discovered in the server, but it is believed that the hacker was testing the ransomware. The believed number of patient records stolen is 6,851. Once the breach was discovered, the servers were shut down and a forensic analysis of the network was conducted. While AAIR has not reported what files were infected, it has been reported that the server did contain protected health information (PHI), which contain Social Security information and test results. There have been several instances of ransomware attacks on healthcare providers this year, including MedStar Health and Hollywood Presbyterian Medical Center.
Although the attack was realized a few months ago, the information concerning the breach has recently been brought up. Thankfully the attack was discovered early, preventing the ransomware from fully installing. Early detection was critical in minimizing the damage caused by the breach. Due to the fact that it was shut down early, the cybersecurity firm was unable to determine an identity to the hacker.