A ransomware attack on CompuGroup Medical, a medical software company, resulted in a “technical disaster,” according to the company. The corporation said the attack impacted the availability of some internal services, including as email and phones, in a notification posted to its website on December 20 at 4:50 p.m. Eastern Time. CompuGroup said at the time that it had no indication that the attack had impacted client systems or data, a statement it reiterated the next day in a blog post.
The company reported it has made headway in resolving service issues by 2:30 p.m. Eastern time on December 22. CompuGroup claimed that during the course of the day, it was able to set up emergency phone numbers and substitute email accounts for customer support. Internal systems were progressively restoring normalcy as well.
According to a breach report submitted to the Office of Civil Rights at the US Department of Health and Human Services, 398,164 people were affected. Mon Health, situated in West Virginia, first became aware of a problem in late July, when a vendor reported not receiving payment, according to a news statement.