Ransomware Attacks Hit 2 More Healthcare Organizations

Risk Mitigation Tips
Ransomeware Attacks continue to surge as two ransomware incidents recently reported to federal regulators as health data breaches illustrate.

Recent ransomware-related data breaches reported to the DHHS OCR affected Woodlawn Dental Center based in Cambridge, Ohio, and Mat-Su Surgical Associates in Palmer, Alaska.

Woodlawn Dental Incident
The HHS “Wall of Shame” shows that Woodlawn Dental reported on May 18 that a breach affected more than 14,400 individuals.

In a notification statement, Woodlawn says on March 18, it suffered a ransomware attack on its computer systems. It identified the attack almost immediately and was able to restore systems from secure backup hard drives without paying a ransom. Data potentially exposed in the breach includes patients’ names, addresses, Social Security numbers, dates of birth plus medical insurance, and related health information.

Mat-Su Surgical Incident
The HHS OCR website also shows that on May 15, Mat-Su Surgical reported a breach affecting more than 13,000 individuals.

In a notification statement, Mat-Su Surgical says that on March 16, it discovered that some of its files were encrypted, preventing access to the practice’s system. Mat-Su Surgical hired independent computer forensic experts “who determined that an unauthorized individual may have gained access to files stored on our system that contained some of our patients’ protected health information.” PHI potentially exposed includes patient names, addresses, Social Security numbers, diagnosis and treatment information, test results, and health insurance information.

Uptick in Assaults
Ransomware and other scams have been spiking in recent months as the healthcare sector and other industries have struggled with responding to the COVID-19 pandemic.

Healthcare organizations should take a number of critical steps to prevent falling victim to ransomware.

The most important step in the prevention of ransomware is workforce awareness. Phishing emails are common and getting more sophisticated. Employees could be easily tricked into clicking on a malicious link embedded in an email or in an attachment.

6 ways to lower your organization’s ransomware risk:

  1. Multifactor authentication for any remote access helps reduce the likelihood of an unauthorized user gaining access.
  2. Segment networks to limit access and exposure in the event of unauthorized access.
  3. Woodlawn Dental indicates in its notification statement that it was able to quickly restore its systems with backup hard drives, which points to the benefits of having a good backup plan.
  4. Create an “air gap” to prevent data backups from being infected with ransomware. This may mean having at least one copy of data backups on encrypted removable media that is isolated from the networked backup system.
  5. Conduct a tabletop exercise using ransomware as the scenario. Prepare for a ransomware attack that impedes access to patients’ electronic health records. Each organization should have hard copy downtime procedures to ensure the continuity of business operations.
  6. Test backups and contingency plans for crucial patient care systems, such as EHRs. Consider facilities in surrounding areas to enter into reciprocal relationships in the event of business disruption.

Cyber incidents are not slowing down, and the traditional mode of preparation through risk assessments and other means have also been disrupted. So relying on the known best practices, such as MFA, backups and testing, increased user awareness, and monitoring is key. If you have any questions about IT security and the current risks in the healthcare world, call ITPAC today.