Arkansas Oral & Facial Surgery Center (AOFSC) was recently hit with ransomware that shut down access to health information of its patients and rendered some of it imaging files, including X-rays of patient inaccessible.

On July 26, 2017, AOFSC became aware that a hacker was able to infiltrate its system and demand a ransom for the ability to access patient information. The ransomware did not allow the center to access patient data of patients who had been treated at the center over the past three weeks, and imaging files, including X-rays were inaccessible.

The information on the X-rays involved in the incident included patient names, addresses, dates of birth, Social Security numbers, clinical information included diagnosis, treatment plans, and [possibly] health insurance information. It is unclear why such sensitive information, including Social Security numbers and health insurance information, is included on X-rays. The surgery center is offering the patients one year of free credit monitoring.