The National Capital Poison Center (NCPC) in Washington, DC has published notice of a ransomware attack it suffered back in 2017.

According to the news release (PDF), the critical health resource detected a ransomware infection on its systems in October 2017. It then launched an investigation into the matter with the assistance of a third-party forensic expert. Here’s what the NCPC has learned so far:

While this investigation is ongoing, on November 27, 2017, NCPC determined that unauthorized access to a database server occurred on October 21, 2017, and that unauthorized access to the data stored on that server cannot be ruled out. The possibly affected database contains information provided during calls made to or from the center between January 1997 and October 21, 2017.

The NCPC goes on to clarify that the affected database did not contain Social Security Numbers, passport data, or any type of financial information. Instead it consisted of personal information collected during call center calls like a person’s name, date of birth, address, phone number, email address, and medical recommendations discussed over the phone.

At this time, it’s unclear what ransomware struck the NCPC, whether it paid the ransom or restored from backups, and how many people the attack might have affected.

Dr. Toby Litovitz, Executive and Medical Director of NCPC, urges those concerned by the possible exposure of their personal information to reach out to the Center:

NCPC takes the security of information stored on our systems very seriously, and we understand this incident may cause concern or inconvenience. We continue to work with third-party forensic investigators to ensure the security of our systems, and encourage people to contact us at 877-218-3009 (U.S. and Canada callers) or 814-201-3664 (international callers) with any questions or concerns.

The NCPC currently lacks complete contact (Read more...)