Hawaii Radiologic Associates completed its investigation into a cyberattack on Oct. 20 that resulted in the closure of all its facilities.
HRA Executive Director Ryan Parnell confirmed Wednesday that a breach of the protected health information of patients did not occur, and that all data has been secured.
“Based on the available evidence and the third-party investigation, a breach of (protected health information) did not occur as a result of this incident,” Parnell told the Tribune-Herald via email.
Parnell also confirmed it was a ransomware attack, a type of malicious software, or malware, that threatens to publish or block access to data or a computer system, usually by encrypting it, until the victim pays a ransom fee to the attacker. He did not say whether HRA paid any ransom.
Instances of ransomware attacks have increased throughout the state, with one attack infiltrating and shutting down the timekeeping services for employees at the Board of Water Supply and Emergency Medical Services on Oahu in December 2021.
The rescheduling of canceled HRA patient appointments occurred shortly after the attack, and by Nov. 14, all HRA offices and clinics were officially reopened.
“We dedicated resources to rescheduling before taking calls for new appointments,” said Parnell. “However, there have been patients that either couldn’t be reached or haven’t returned our attempts to make contact. At this time, our scheduling department has resumed normal operations.”
Residents of East Hawaii hoping to reschedule appointments at the Hilo HRA location can call (808) 933-2540.
As a security measure to prevent any systemwide outages in the future, Parnell confirmed HRA is “transitioning to a third-party for network security and management.”
Email Grant Phillips at gphillips@hawaiitribune-herald.com.