Cyber attacks have become one of the largest threats that our society faces. As we continue to implement further technologies in all areas of our operations, more systems come under risk. Many of our most critical and fundamental organizations and industries rely upon technologies that can all be potentially vulnerable. This is illustrated by a recent cyber attack and resultant data breach of the University of Wisconsin (UW) Health, which led to the information of 2,036 patients being compromised.
Details of the Data Breach
The breach originally occurred on March 16th but was not discovered by UW Health until March 28th. They found that an unauthorized individual had obtained access to an employee’s credentials and email account, along with the data files contained in the account. Upon discovering this, the university immediately disabled the account, reset the password, and began an investigation. The data in the account included patient names, dates of birth, addresses, provider names, service dates, medical history, reasons for visits, medications, and diagnostic results. Fortunately, the email account did not contain highly sensitive personal information, such as Social Security numbers, medical records, or financial information like credit card and health insurance numbers. The breach did not compromise the information of all patients, but only those within the email account. UW Health says that there does not appear to have been any use of the information.
UW Health has taken actions to address the breach, as well as assist those who were affected. They began sending letters to affected patients on May 25 to notify them of the breach, and set up a call center for any questions regarding the incident.
Universities, colleges, and their peripheral organizations can be quite large targets for cyber attackers. They can contain a wide range of digital information and assets, such as patient information in health centers, important research data, personal student data, and much more. The attacker may not even necessarily be after the information directly, as in the ransomware attack upon LA Valley Community College earlier this year. Another example is the recent attack upon the University of New Mexico Foundation, in which the financial and personal information of donors was potentially compromised. There can be many subsections of universities and colleges, which makes them a treasure trove of illicit gains for attackers.
How Cyber Security Monitoring Helps to Mitigate Breaches
One of the largest factors that allow cyber attacks and breaches to cause extensive damage is the fact that organizations often do not detect them right away. This allows the threats to sit in systems for extended periods of time and continue to exfiltrate data or infect various systems and networks. This is where cyber security monitoring plays an extremely vital role. An organization needs to have a constant awareness of the status and activities within its systems, which is what proper monitoring allows for. When monitoring is integrated, IT staff or an analyst can have regular updates on running operations, as well as receive alerts regarding anomalies or patterns that could be indicative of threats. They can then immediately investigate and handle these if necessary. This reduces the potential for indicators to go unnoticed and for threats to be allowed to sit in systems for extended periods, as they would be rapidly detected when attempting to breach. Massive Alliance’s comprehensive cyber security monitoring services can provide an organization with a much-needed awareness and line of defense for its systems and networks.