Cyber-attacks are usually centered around finding vulnerable areas and victims to exploit. This is probably why the healthcare sector has always been a rich target for hackers. Statista reported that the healthcare industry is one of the most vulnerable sectors to cybercrime.
Ransomware attacks have gained popularity in the sector as well. This is due to several reasons – mostly surrounding the critical nature of healthcare itself. Hackers are more likely to have a ransom paid when lives and confidential medical records are at stake.
MCNA Dental Ransomware Attack
Recently, the Managed Care of North America Dental insurance company was the victim of a ransomware attack that affected 8.9 million patients. MCNA Dental prides itself in being the largest dental insurer in the US for government‑sponsored Medicaid and CHIP programs. The company has been operational for almost 30 years with over 5 million members across 8 states.
MCNA Dental admitted in a statement that on the 6th of March, it became aware of certain unauthorized activity in its computer system. The insurer learned that the hackers were able to “see and take copies of some information” in its computer system between the 26th of February 2023 and the 7th of March 2023.
The company revealed that the information seen and taken included patient names, addresses, dates of birth, phone numbers, and email addresses. More confidential information was also taken in the form of patient social security numbers, driver’s license numbers, and Government-issued ID numbers.
The company’s health insurance information was also exposed in the data breach and included plan information, insurance companies, Medicaid-Medicare ID numbers, as well as information on braces care, treatment, bills, and insurance claims. Letters have since been sent to those individuals whose personal information may have been involved. The company also assured those affected that it would be providing an identity theft protection service for one year without cost.
MCNA Dental revealed in its data breach filing with Maine’s attorney general that the information of over 8.9 million people was compromised. This makes the attack the largest cyber breach this year to date.
According to TechCrunch, the LockBit ransomware group has taken responsibility for the cyber-attack. The notorious hacking group claims to have published all of the stolen files from MCNA Dental after the company refused to pay a US$ 10 million ransom demand.
A listing on the group’s website suggests that it has up to 700GB of data for the MCNA Dental breach. The data was uploaded to the gang’s website on the 7th of April and is now for sale on the dark web.
Cyber-Attacks in the Healthcare Industry
As mentioned before, the healthcare industry has been no stranger to ransomware attacks in the past few years. Healthcare ransomware has become increasingly common. Some other recent notable incidents in the sector include:
Enzo Biochem Ransomware Attack
On the 6th of April, the biotechnology company Enzo Biochem revealed that it was also the victim of a ransomware attack. The breach exposed the clinical test information of almost 2.5 million patients. The New York-based company manufactures treatments for cancer, metabolic, and infectious diseases. They also provide testing services for a variety of transmissible diseases - including COVID-19 and STDs.
While the company managed to remain operational by disconnecting its systems from the internet, Enzo Biochem discovered on the 11th of April that the hackers had accessed and stolen sensitive data from the company’s systems.
The breached data included the clinical test information of 2,470,000 individuals and approximately 600,000 Social Security numbers.
Harvard Pilgrim Health Care Ransomware Attack
Harvard Pilgrim Health Care (HPHC) revealed in April of this year that it too suffered a ransomware attack. The hack affected and compromised the data of 2,550,922 people.
The non-profit health services provider shared in a notice that the information exposed included names, physical addresses, phone numbers, dates of birth, health insurance account information, Social Security numbers, provider taxpayer-identification numbers, and clinical information.
The company revealed that those impacted would include providers currently contracted with Harvard Pilgrim and both current or former members of Harvard Pilgrim between March 28th of 2012 and April 2023.
Currently, the company’s investigation is still in progress and written notifications of the breach to those affected are expected to be processed by the 15th of June 2023.
Source: https://www.paubox.com/
An Illinois Hospital Closes Due to Ransomware
St. Margaret's Health in Spring Valley, a hospital in Illinois, USA, is set to close on June 16 2023 and experts attribute its closure in part to a devastating cyberattack - making it the first healthcare facility that links criminal hackers to its shutdown.
In February 2021, a ransomware attack hit St. Margaret's Health in Spring Valley. The incident temporarily halted its ability to file claims to insurers, Medicare, or Medicaid, which triggered the hospital's financial instability and sent it into a downspin.
According to Suzanne Stahl, the chair of SMP Health, the hospital's parent organization, the shutdown is attributed to several factors, including the Covid-19 pandemic, the cyberattack, and a shortage of staff.
How To Safeguard Patient Data
Healthcare is a critical sector and the data involved often includes confidential information that could lead to patients being victims of ransomware and phishing attacks. This is why it’s important to treat healthcare data breaches seriously. Some pointers on how to safeguard patient data include:
- Regularly updating your software and systems.
- Using security policies that protect endpoints.
- Doing regular security assessments to find flaws or vulnerable areas in your network.
- Creating and regulating a work environment where cyber hygiene and diligent cyber safety practices are critical.
- Encrypting your patient files and data in all correspondence and storage.
- Investing in leading cybersecurity solutions that value your data integrity.
Sangfor Technologies is a globally recognized cybersecurity and cloud computing provider. Apart from offering state-of-the-art solutions and platforms to secure your network from cyber-attacks, Sangfor understands the intricacies of cybersecurity in the healthcare sector.
This is why Sangfor’s range of trusted and integrated security products and platforms will ensure that patient data is always protected with reliable, advanced, and innovative solutions.
- Sangfor’s Endpoint Detection and Response (EDR) solution is used to go beyond traditional antivirus and anti-malware software. Using Engine Zero – an AI-powered malware detection engine - and the Neural-X threat intelligence platform to deliver unrivaled malware protection at all endpoints in your network.
- Additionally, the Sangfor Next Generation Firewall (NGFW) is used to identify malicious files at both the network level and endpoints. The advanced firewall is designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network.
- The Cyber Command (NDR) Platform then helps to monitor for malware, residual security events, and future potential compromises in your network. The solution is coupled with Threat Intelligence and an enhanced AI algorithm to keep you updated with any vulnerabilities in the system while ensuring your data is always kept strictly protected and consistently monitored for lingering threats.
For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.
