Data breach exposes information of more than 200,000 MultiCare staff and patients

Woodcreek Provider Service is a medical practice management company in Washington USA that provides support to pediatric clinics and urgent care centers owned and operated by MultiCare Health System, including some that were previously owned and operated by Woodcreek Healthcare. 

Woodcreek Provider Services contracts with Netgain Technology LLC to host its information technology network and computer systems. In late 2020, Netgain Technology suffered a ransomware cyber-attack. The attackers may have had access to personal information and/or protected health information of Woodcreek Provider Services employees, healthcare providers, applicants, contractors, and individuals receiving services delivered by MultiCare Health  Systems and/or Woodcreek Healthcare.

The information included names and addresses, medical record numbers, dates of birth, social security numbers, health insurance policy and identification numbers, insurance claims, explanation of benefits, statements, clinical notes,  referral requests, laboratory reports, decision not to vaccinate forms, authorization requests for services, treatment approvals, records requests, immunization information, vaccine records,  prescription requests, release of information forms, subpoena records requests, medical record disclosure logs, incident reports, invoices, correspondence with patients, student identification numbers, bank account numbers, employment related documents, court documents, Drug Enforcement Agency certificates, payroll withholding and insurance deduction authorizations, benefit and tax forms, employee health information and some medical records.

Woodcreek Provider Services has taken steps to improve the security of data under its control by taking steps to enhance cybersecurity protocols and practices. Woodcreek Provider Services has also received written assurances that Netgain Technology has added security enhancements within its network to proactively safeguard against future threats.

The information was retrieved after an undisclosed ransom was paid, according to Woodcreek Provider Services, in a public announcement issued March 9th 2021.

Woodcreek received confirmation of the data involved in the incident on January 18th 2021 and is sending written notification to each affected individual offering identity theft protection services and/or complimentary credit monitoring services. If you have any questions about this incident, please call 1-833-726-0944 or visit 

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: