Oklahoma City, OK
Notice to our Patients of Data Security Incident
NorthCare is committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice is about an incident that involves some of that information.
On June 1, 2021, NorthCare became aware of unusual activity on its computer network. After immediately investigating the unusual activity, NorthCare determined that it was a victim of a ransomware attack. The investigation revealed that the attackers had obtained access to NorthCare’s computer network beginning on May 29, 2021, at which time they attempted to encrypt data. As soon as NorthCare became aware of the attack, it took steps to contain it and has since been able to restore its system and limit access to its computer network.
Because the attackers had access to unsecured data on NorthCare’s computer network, NorthCare has concluded that the attackers may have gained unauthorized access to the personal health information of past and current patients. While the forensics investigation is still ongoing, NorthCare has determined that the following types of personal information were involved in the incident: full name, social security number, addresses, date of birth, medical diagnoses While the forensics analysis is still ongoing, once it is complete, we will send notification letters to patients whose information was included in the security incident.
We take the protection of our patients’ personal health information seriously and are taking steps to prevent a similar occurrence. After learning of the ransomware attack, NorthCare began working with forensic experts and the Federal Bureau of Investigation (FBI). By working with technical experts, NorthCare was able to restore its system by using its backups and has since limited access to its computer network. Because NorthCare was able to recover its system using its backups, it did not pay a ransom to the attackers.
To help protect the identity of those impacted by this security incident, we are offering complimentary access to identity monitoring, fraud consultation, and identity theft restoration services. Instructions for activating these services will be contained within the notification letters sent to affected patients.
For more information, we recommend our patients call with questions at 855-715-8889 Engagement number B015432, Monday through Friday, between 8:00 am and 5:00 pm CST.