Six Healthcare Providers Added to Ransomware Data Leak Sites
August 12, 2024 – Published on The HIPAA Journal
Recent reports by Guidepoint Security indicate the number of active ransomware groups has increased in 2024, as has the number of attacks. The healthcare industry is a prime target for ransomware groups and there has been a recent flurry of listings on ransomware groups’ data leak sites.
The Surgery Center of Mid Florida has recently alerted patients about a network encryption event (ransomware). The attack was detected on or around February 21, 2024, when unusual network activity was observed. The investigation confirmed file encryption, with the initial hacking occurring at its IT vendor. The hackers then used the connection with the IT vendor to launch an attack on its network.
While the investigation found no evidence that patient information was viewed or acquired by the hackers, the decision was made to notify all 48,684 patients about the attack as unauthorized data access/theft could not be ruled out. Following the attack, the Surgery Center of Mid Florida terminated its contract with the IT vendor and contracted with a new vendor. Security measures have also been enhanced on its web server infrastructure to prevent similar attacks in the future.
In addition, firewalls have been replaced and enhanced, and data has been transferred to a secure, cloud-based electronic health record system and practice management software. It is currently unclear which ransomware group is behind the attack.
Read More HERE.