More than 3.3 million southern Californians had their personal health information stolen during a ransomware attack, reports Regal Medical Group, one of the largest Southland medical groups.
Regal reported the hacking incident on Feb. 1 to the Department of Health and Human Services as affecting several of its affiliated medical groups, including Lakeside Medical Organization and Affiliated Doctors of Orange County and Greater Covina Medical Group.
The medical group of more than 3,000 primary care doctors says it became aware of the breach on Dec. 8, and the data compromise occurred about a week earlier.
Regal employees had noticed difficulty in accessing some of the organization’s servers, the notice says. After an extensive review, malware was detected on some of Regal’s servers, which a threat actor used to access and exfiltrate data, the notice says.
Patient data potentially compromised in the incident includes names, Social Security numbers, addresses, birthdates, diagnosis and treatment information, laboratory test results, prescription data, radiology reports, health plan member numbers, and phone numbers.