On June 27, 2017, Nuance Communications (“Nuance”), a Massachusetts-based company providing voice transcription services to many health care providers, including some Wisconsin health care providers, was hit by NotPetya malware.
NotPetya is named after the Petya ransomware that it impersonates but, instead of requiring payment to restore data as Petya did, NotPetya destroys all data and causes permanent damage to a computer’s hard drive.
Nuance explained that “as soon as we became aware of the malware, we immediately took measures to contain it and assess the extent of its effects on our network, including taking certain systems offline regardless of whether they had been impacted.”
Nuance also reassured its customers that “there is no evidence to suggest that any customer information has been removed from the network.”
Nuance reports that it is still trying to repair damage caused by the malware and has since been offering customers additional software solutions or the option to implement an alternative dictation service.
If you are a health care provider and use Nuance for transcription services, you may want to request written confirmation from Nuance that neither protected health information nor any customer confidential information were affected by the malware attack.