Oxford medical clinic’s server attacked by suspected Russian hackers

Published 12:52 pm Friday, September 30, 2016

The FBI is investigating a major data breach after suspected Russian hackers attacked the server at Urgent Care Clinic of Oxford and held it for ransom.

The breach, which was discovered in August, happened sometime in July 2016, according to a letter released today that the clinic sent to the last known address of every patient in its system.

A forensic analysis of the server determined the attack was likely carried out by Russian hackers, who gained access to the personal information of nearly 58,000 patients in its system, including names, addresses, social security numbers and health information.

Email newsletter signup

“Unfortunately, we cannot say which patients specifically may have been affected by this data breach,” the letter read.

Urgent Care is offering every patient a year of free credit monitoring through Equifax and urges patients to regularly check all credit card and bank accounts for suspicious activity.


Read the letter in its entirety: 

Dear Patient,

We are writing on behalf of Urgent Care Clinic of Oxford (“Urgent Care”), where you have been a patient of ours. We are sending this letter as part of Urgent Care’s commitment to privacy. Sometime in early July of 2016, Urgent Care’s server was attacked by hackers. The breach was discovered on August 2, 2016, when Urgent Care staff noticed the computer system running more slowly than usual. The hackers held the server for ransom before turning control back over to the Urgent Care staff.

Urgent Care immediately reported the incident to the FBI, which continues to investigate. After regaining control of the server, the clinic shut down the server’s remote access, which had been enabled for technical support for the clinic’s electronic medical records, so that no one can now access the server fromoutsidetheUrgentCare facility to prevent this type of event from happening again.

Urgent Care also immediately hired an expert to engage in a forensic analysis of its server to determine who the hackers were and what information they may have had access to. The investigation revealed it is very likely that the attack was carried out by criminal Russian hackers. These hackers gained illegal access to the clinic’s server which included patients’ names, social security numbers, dates of birth, and other personal information, as well as any health information on file. Unfortunately, we cannot say which patients specifically may have been affected by this data breach.

You should regularly check all credit card and bank accounts to ensure all activity on them is familiar to you. If you notice any suspicious activity, report it to the appropriate financial institution immediately.

If you would like an added measure of security, Urgent Care is offering one (1) year of free credit monitoring via Equifax. This service will watch for and report to you any unusual activity, such as any new accounts created in your name. To take advantage of this offer, please visit www.myservices.equifax.com/silver. For more information on the credit monitoring service or the breach incident in general, please call 844-607-1702 between the hours of 8 a.m. and 8 p.m. central time, Monday through Friday; however, the number will not be active until 5 p.m. tonight (Friday).

We understand this may pose an inconvenience to you, and we sincerely regret that this situation has occurred. Urgent Care is committed to providing quality care and service to all its patients, and that includes keeping your personal information as safe and secure as possible.


Dr. Willis Dabbs
Dr. David Coon