Security researchers have spotted a surge of malware-based attacks against healthcare organizations in light of the recent influx of data breach announcements coming from prominent service providers in that sector. Such attacks struck three major healthcare centers from mid-January to early February, namely:
- Iowa's Southern Hills Eye Care
- Pennsylvania's Main Line Endoscopy Centers
- New York's DePaul Mental Health Center
Southern Hills Hit by Ransomware
The Iowan provider of eye care services reportedly fell victim to a ransomware attack on January 15. The ensuing investigation confirmed that the attackers might have accessed the medical records of more than 11,500 patients, including a broad range of personal data: names, birth dates, contacts, and social security numbers. However, it remains unknown whether the attackers actually collected the data or made use of it. The healthcare provider has informed each affected patient and is said to be strengthening its data security mechanisms to reduce the prospect of new attacks.
Phishing Strikes in Pennsylvania and New York
A phishing attack via a compromised email account on January 30 resulted in the potential exposure of 14,305 patient records in Pennsylvania's Main Line Endoscopy Centers. The email account in question, which belongs to an employee of the organization, stored the patients' names, dates of birth, medical files, as well as driver's licenses and social security numbers. Main Line's officials have urged victims to keep a wary eye on their finances and to report any irregularities that may have arisen from potential identity theft to the relevant authorities.
Shortly after Main Line, the New York-based DePaul Mental Health Center joined the ranks of malware-stricken healthcare institutions. In an identical scenario, hackers infiltrated an employee's email account to help spread malware to other patients. While the vast majority of the 41 thousand examined emails stored no important personal or medical data, a small portion did expose personal data belonging to an undisclosed number of DePaul's patients.
Pre-emptive Measures in Action
Following the attacks, all three organizations claimed to have taken pre-emptive measures to mitigate the risk of future attacks. DePaul intends to help patients with exposed social security numbers by providing free credit monitoring services for the next twelve months. Similarly, Main Line will be offering multi-factor authentication features, as well as additional anti-theft services for affected patients.