The Womens Health care group of Pennsylvania, with 45 offices throughout the state, has notified 300,000 of its patients that a ransomware onset has set their personal health information at risk.The health system discovered a server and workstation at i of its practices was infected by ransomware on May 16. Officials said the infected server and workstation were removed from the network, before officials launched an investigation by a computer forensics team.The investigation revealed the cybercriminals began hacking the system as early as january 2017, by leveraging a surety vulnerability. Officials said the surety flaw allowed limited access to patient information before it encrypted certain files.The health system couldnt determine if patient info acquired or viewed. The data stolen by hackers included names, Social certificate numbers, birth dates, pregnancy histories, blood type information, lab results, medical register numbers, insurance info and medical diagnoses. Officials said the encrypted files were restored from backups and didnt disrupt patient care.