Separate ransomware attacks strike New Mexico city, Indiana health care provider
Separate ransomware attacks strike New Mexico city, Indiana health care provider

A New Mexican city of roughly 45,000 people and an Indianan hospital operator have fallen victim to separate ransomware attacks this month.

In a Jan. 17 press release, the city of Farmington, NM acknowledged via press release that municipal computers running its business operations were infected with SAMSAM ransomware in a Jan. 3 attack.

"The City apologizes for the temporary inconvenience our customers may have experienced during this time," the release states, noting that the city has been working with the FBI. "Nearly all business systems related to customer service operations have been restored."

Farmington claims that employee and city customers information was not breached, and that the city's email systems, public administration system, and public safety services were never affected.

On Jan. 18, a Farmington Daily Times report cited a text message from City Manager Rob Mayes, which said the city was able to recover the encrypted information without having to pay the ransom of three bitcoins.

Meanwhile, a Jan. 18 report from Fort Wayne-area news outlet wane.com states that Decatur, Ind.-based Adams Health Network, operator of Adams Memorial Hospital, confirmed that its computers servers were impacted by a Jan. 11 ransomware attack.

Another Indiana-area health care provider, Hancock Regional Hospital in Greenfield, was also infected with ransomware on the same exact date, although it is not clear if the attacks were related.

The report further states that about 60 to 80 patients were impacted after an outpatient clinic and several physicians were unable to access patient histories and appointment schedules. Scheduling capabilities are confirmed up and running at this time, but the IT department continues to restore the servers.

"While AHN did experience a business interruption throughout the weekend as we worked to restore the affected severs, there was never an interruption in patient care," the health care provider said in a statement, according to wane.com. "We are continuing to assess the severity of the situation, but at this time we believe no patient files have been accessed. At no time during this event has the quality and safety of patient care been affected."

Also, in unrelated localized news, the New York State Department of Education disclosed in a Jan. 18 press release that the personally identifiable information of 52 students in five schools were compromised in a third-party vendor data breach.

The vendor in question is Questar Assessment, Inc., an Apple Valley, Minn.-based testing service with whom the affected students had registered for computer-based testing in Spring 2017. Questar provides this service to New York States schools for grades three through eight.

Citing Questar, the State Education Department explained in its release that an unauthorized user, suspected to be a former employee, accessed an internal Questar user account from Dec. 30, 2017 to Jan. 2, 2018 and viewed student data including names, New York State Student Identification numbers, schools, grade levels and teacher names.

"While we are thankful this incident is isolated to only a small portion of students, any breach of data is unacceptable and we are holding Questar accountable,” said State Education Department Commissioner MaryEllen, in the press release. "We have referred this matter to the Attorney General's office for investigation. In addition, we have required that Questar take immediate corrective action to ensure this does not happen again."

New York State officials claim Questar privately disclosed the breach to them on Jan. 16. SC Media has reached out to Questar for comment.