Woodcreek Provider Services said an investigation determined the breach happened sometime between November 24 and December 3, 2020, but it could’ve happened earlier.
TACOMA, Wash — A medical practice management firm that provides support to Tacoma-based MultiCare Health System has alerted over 200,000 patients, providers and staff that their personal information may have been exposed.
Woodcreek Provider Services announced Tuesday that after a ransomware attack of its tech vendor, the information was retrieved upon paying an undisclosed ransom.
Woodcreek said an investigation by its vendor, Netgain Technology, determined the breach happened sometime between November 24 and December 3, 2020, although it’s possible it was as early as September.
“The server containing Woodcreek’s medical records system was untouched; however, scanned clinical and financial data and other business records on an archive server was stolen by the attackers,” Woodcreek said on its website.
The information exposed in the attack includes names, social security numbers, health insurance policy numbers, bank account numbers, and other documents and personal information.
On Feb. 17, counsel for Woodcreek notified the Washington state Attorney General’s Office that it would send notifications to the people whose information was potentially compromised.
Woodcreek said it set up a website and call center for anyone impacted by the breach. The call center number is (833) 726-0944.
