By Rudra Srinivas
Cyber-attacks on healthcare organizations has become a trend in the last few years. With sensitive information of their patients with them, healthcare providers have become a hot favorite for attackers. According to Beazley Breach Insights Report, healthcare organizations have suffered the highest number of data breaches in 2018 than any sector in the U.S. economy.
In 2019, healthcare firms continued to be primary targets of cyber-attacks with several data breaches and ransomware attacks taking major headlines again. The financial health of the healthcare industry might get even worse with data breaches expected to cost US$ 4 billion by the end of the year.
The recent outbreak of ransomware attacks on hospitals and healthcare providers shows the serious threat these attacks vectors can pose. Here are seven times when ransomware attacks took a toll on the healthcare sector.
DCH Medical Center:
DCH Health System in Alabama paid an undisclosed ransom to hackers to unlock its IT system, after three of its hospitals were attacked in October this year. According to reports, the attack affected the IT systems of the DCH Regional Medical Center, Northport Medical Center, and Fayette Medical Center from West Alabama’s Tuscaloosa, Northport, and Fayette.
The affected hospitals turned away new patients and even canceled several surgeries. The government authorities later stated that they’re working with the affected health services and cybersecurity professionals to investigate the incident.
Multiple Hospitals in Australia:
Network systems at several hospitals and healthcare services in Gippsland and south-west Victoria were targeted by a ransomware attack. The attack blocked access to several systems including financial management and led to the deletion of several patients’ records, as well as booking and management systems, which may have impacted patient contact and scheduling. However, the Victorian government clarified that there was no sign of patients’ data being stolen.
Premier Family Medical at Utah
Protected Health Information (PHI) of more than 300,000 patients of the physician group named Premier Family Medical at Utah was compromised in a ransomware attack in September. The group confirmed the attack but didn’t disclose the number of patients affected.
According to an official statement, the incident occurred on July 8, 2019, that barred access to patients’ data and other network systems. The physician group stated that it notified law enforcement authorities about the attack and appointed a technical team to investigate the issue and regain access to its systems and patient data.
NEO Urology in Boardman, Ohio suffered a ransomware attack after hackers breached its entire IT system and left all its data encrypted. According to an official statement, the hospital authorities paid US$ 75,000 ransom to hackers to unlock their data. An investigation by the company revealed the attack had likely originated from Russia.
Harbor Medical Group
Hackers infected Grays Harbor Community Hospital and Harbor Medical Group with ransomware and demanded a payment of US$ 1 million to unlock patients’ files. Washington-based hospitals also faced downtime issues. According to the reports, the attack had triggered after an employee clicked on a malicious link containing ransomware.
Wood Ranch Medical
Wood Ranch Medical decided to permanently close its services after it failed to recover patients’ records that were encrypted in a ransomware attack on August 10, 2019. The California-based health services provider stated that it would be impossible to rebuild its medical records and will close its practice and cease operations on December 17, 2019.
Health Alliance Plan
Around 120,000 Health Alliance Plan patients were affected in a ransomware attack. The health service provider stated their personal and medical data were breached after a ransomware attack hit its third-party vendor Wolverine Solutions Group. The compromised data included patients’ names, addresses, dates of birth, Social Security numbers, insurance contact details and numbers, medical data, and phone numbers.
Rudra Srinivas is part of the editorial team at CISO MAG and writes on cybersecurity trends and news features.