A multitude of healthcare organizations have been hit by cyber attacks even in just the first few months of this year. Unfortunately, this is not uncommon, being that the healthcare industry is one of the most frequent targets of cyber attackers. Last year saw some of the largest healthcare breaches, but it seems this year is on track to keep up. We have not yet seen an attack on the scale of Banner Health like last year, but numerous organizations have already been hit in 2017. In one of the most recent attacks, Austin Urology was infected with ransomware.
The clinic, which has several locations throughout central Texas, had sent a letter this past week to 279,663 patients, warning that their records, including medical information, may have been compromised. It has been reported that the attack potentially gained access to information such as names, addresses, dates of birth, and social security numbers. The attack had happened on January 22nd, but fortunately was discovered and addressed rapidly. The letter said, “Within minutes, we were alerted to the attack, our computer network was shut down, and we began an investigation.” Though, even with the quick reaction time, data on the clinic’s servers still ended up encrypted.
How the System Was Infected
It appears that the ransomware was injected into the clinic’s system through a phishing attack. According to the breach notice provided to the California attorney general’s office, employees have been retrained regarding patient privacy, security, and suspicious emails, which implies this was the vector of attack. This would make sense, as malicious emails are one of the most common ways for attackers to infect systems with malware. A single unsuspecting employee clicking on a link or attachment can lead to the infection of entire systems or networks.
The clinic took immediate action to mitigate various parts of the situation. They have stated that they are not aware of the records being misused, but the clinic is providing those patients affected with a free one-year subscription to a credit monitoring service. “We take the security of all information in our systems very seriously and we have taken steps to prevent a similar event from occurring in the future, including improving our network security, updating our system backups and retraining our employees regarding suspicious emails and patient privacy and security,” stated the letter. “We sincerely regret any inconvenience or concern that this matter may cause you, and remain dedicated to protecting your information.”
Taking immediate responsibility and mitigative steps for a breach is vital, as this is what can allow an organization to recover from it. A breach can damage trust, reputation, and critical information, and so it is important to display to the public that it is being handled. It appears that Urology Austin is taking all of the appropriate steps to handle the breach and maintain confidence with their clientele.
Protecting an Organization With Cyber Security Intelligence
Modern cyber threats and attackers are extremely clever and sophisticated. They are adept at breaking through or circumventing traditional reactive security methods. This is why they must be predicted and proactively defended against, which is where cyber security intelligence plays a critical role. Cyber security intelligence is data in regard to the patterns and indicators of a threat that is relayed to an organization, which allows them to defend against these threats before they attack. Massive Alliance provides cyber security intelligence services that can help an organization to fortify against malicious threats and attackers.