Ransomware Attack Compromises Customer PHI at Direct Scripts
Who: Direct Scripts
When: 13 Mar 2019
# of records involved: 9,319
What happened: Direct Scripts discovered that it was the victim of a ransomware attack that affected customers’ records.
How did it happen: This ransomware attack locked the server that stored Direct Scripts’ customers’ information.
Outcome: Direct Scripts launched an investigation and engaged an independent forensics firm to assist in determining what happened and whether any individuals’ protected health information (“PHI”) had been accessed or acquired without authorization. While there is no evidence that any sensitive or personal information has been misused, Direct Scripts has sent notification letters to all potentially impacted customers to notify them of the incident and to provide resources to assist them.