VPN Solutions Data Incident

Apple Blossom Family Practice (“Apple Blossom”), recently learned about a data security incident experienced by one of its vendors, VPN Solutions, LLC (“VPN”), which resulted in the unavailability of the personal information of Apple Blossom’s patients. VPN hosts and maintains a practice management and electronic health records platform (the “VPN Platform”) that is utilized by health care providers, including Apple Blossom.

On October 31, 2021, VPN advised Apple Blossom that VPN had been the target of a ransomware attack. Since that time, the VPN Platform has been offline. The VPN Platform contains Apple Blossom’s patients’ clinical, demographic and financial information. Despite numerous, repeated requests from Apple Blossom, VPN has not restored the VPN Platform and has been unable to provide Apple Blossom with a date by when the VPN Platform will be restored and fully functional. VPN has indicated that it currently does not believe that any of Apple Blossom’s patient information has been viewed or acquired by an unauthorized party.

 

Due to the unavailability of the VPN Platform that contains patient contact information, Apple Blossom is unable to notify its patients of the incident by mail. Patients with questions may call Apple Blossom at (540) 678-0792 between 9:00 a.m. and 5:00 p.m. EST, Monday through Friday.