Email Account Breach at Ron’s Pharmacy Services

Ron’s Pharmacy Services , based in San Diego, has reported that an email account that held limited protected health information has been accessed by an unknown person.

Suspicious activity was noticed on a staff member’s email account on October 3, 2017 leading to an investigation; however, it was not until December 21, 2017 that it was discovered that an unauthorized person had accessed messages in the email account that included patient data.

A review of the emails in the account indication only a limited amount of PHI was accessed: Names, internal account details, and payment adjustment information, while a restricted number of patients also had details of their prescription medications accessed. While PHI access was discovered, Ron’s Pharmacy is unaware of any misuse of patient data. Ron’s Pharmacy has now alerted patients about the breach and reported the incident to the appropriate bodies.

In its February 2 substitute breach notice, Ron’s Pharmacy described how rapid action was taken to safeguard the account and prevent additional access. Login credentials were altered, and a third-party computer forensics company was contracted to complete a thorough investigation to determine the manner of the attack, its scope, and how access to the account was obtained.

Staff members have received additional training while policies and procedures have been refreshed to enhance defenses against future cyberattacks of this manner.

The breach report sent to the Department of Health and Human Services’ Office for Civil Rights (OCR) show 6,781 people were affected by the breach.