Cyber Attacks Threaten Healthcare Organizations

In 2019, we saw the most cases of ransomware attacks we’ve seen in a long time. However, in 2020, with the rise of COVID-19 and the vulnerabilities it broughtthe numbers weren’t projected to improveand they didn’t

By the end of November, more than a dozen large healthcare delivery organizations had been affected by cyber attacks. Two of these being in Florida. If large organizations are at risk of cyber attacks, it’s not hard to imagine that small businesses are just as vulnerable, if not more 

ACTS ATTACK 

A cyber attack on Tampa’s Agency for Community Treatment Services, Inc. (ACTS) from October 21, 2020 was detected on October 23 when ransomware was deployed into their systems and encrypted data to prevent access. These systems contained patient names, dates of birth, Social Security numbers, and medical records holding information related to the services provided to patients between 2000 and 2013.

Due to the extensive efforts made by the attackers to conceal their activity the investigation did not uncover any concrete evidence to show patient data had been accessed or stolen. However, this is still a possibility. 

ACTS was able to restore the encrypted data from backups and did not pay the ransom. Steps have continually been taken by ACTS post-breach to strengthen security and prevent further attacks along with providing complimentary credit monitoring and identity theft protection services to all affected individuals. 

LEON MEDICAL CENTERS ATTACK 

Another ransomware attack still being investigated was on Leon Medical Centers, a network of 8 medical centers in South FloridaPrior to deploying ransomware, the attackers threatened to publish patient information publicly if their ransom demands were not met. They claimed to have obtained over 1 million patients’ medical records, names, addresses, social security numbers, and even their photographs among other identifying information. This claim, however, was found to be exaggerated.  

The attack, which occurred prior to December 23, 2020, is still under investigation and it is not clear if and how many people were affected. 

PROLIANCE SURGEONS ATTACK 

Proliance Surgeons in Seattle, WA has also suffered a cyberattack on their corporate website in which patient credit card information may have been obtained by the attackers. No other protected health information was involved and the credit card information at risk only belonged to patients who paid for their services online. The attackers had access to the website between November 13, 2019 and June 24, 2020 according to an investigation.  

The cause of the breach has since been identified and addressed and a new website with a different payment platform has been implemented, which has superior security. 

Proliance has coordinated with the major payment card providers to prevent unauthorized charges on the affected cards. 

WHAT DOES THIS MEAN FOR US? 

With the threat of COVID-19 not slowing down any time soon, these 2020 cyberattack trends are expected to carry over into 2021. Investing in extensive cyber security measures is crucial in order to keep individuals and organizations safe from malicious attacks such as these. Ransomware remains the biggest cybersecurity threat, a further reminder of the need for proactive security measures.  

Visit our website www.wheelhouseit.com or give us a call at (877) 771-2384 to schedule a consultation with WheelHouse IT. Our network security solutions will help prevent malicious attacks from hacking to spamming to help keep your business and its data protected. 

Click here https://get.wheelhouseit.com/cybersecurity-checklist for our Ultimate Cybersecurity Checklist. An easy-to-follow checklist that will allow you to increase your cybersecurity and protect your data and devices. 

Contact Us Today!

cybersecurity-checklist-1

 

Let's Start a Conversation

Watch the video below and find out why you should fill out this form and start a conversation today.

"*" indicates required fields

Name*
SMS Consent*
This field is for validation purposes and should be left unchanged.