Ethical hacking specialists affirm that a ransowmare infection has compromised the information of over 85k patients of the Grays Harbor Community Hospital, in the US.
About a month ago, hospital IT staff detected
some encrypted files in databases that store patients’ medical records.
Subsequently, hospital employees received the ransom note sent by the
attackers.
To make matters worse, attackers added a rare code as an additional encryption measure, complicating an eventual recovery process, as mentioned by ethical hacking specialists. The picture is exacerbated by the possible inconveniences this incident could generate for the more than 100 patients currently staying at the hospital.
After securing the network, hospital staff,
with the help of a group of experts in external ethical hacking, began the
process of retrieving information, although multiple areas of the hospital’s IT
infrastructure remain blocked and inaccessible to the hospital staff.
The organization, located in the Aberdeen region,
in Washington, says it has no strong evidence to believe that any personal information
has been leaked outside its databases, and clinicians and staff continued to
care for patients.
According to ethical hacking specialists from
the International Institute of Cyber Security (IICS) most of the health
information contained on its systems was at risk, including Social Security
numbers and other sensitive personal data, and unfortunately the hospital has
been unable to fully recover all of the data that was compromised by threat
actors.
Affected patients are getting one year of
credit monitoring services for free as a security measure. Grays Harbor
Community Hospital is working with cybersecurity experts to improve its
network’s malware protection systems, the network’s real-time monitoring software
and the network’s operating system, as mentioned though a statement.
Additional details, as well as technical
information about the attack, are still unavailable, but further statements are
still expected by the cybersecurity community.
