Ransomware, malware attack breaches 45,000 patient records
Missouri-based Blue Springs Family Care reported a breach of 44,979 patient records after hackers peppered the provider with a variety of malware, including ransomware.
While some media reports have pointed to a decline in ransomware attacks on the healthcare sector this year, Blue Springs is just the latest provider in recent months to report an attack.
In fact, in just the past two weeks, LabCorp and Cass Regional Medical Center, another Missouri-based provider, went down for more than a week after separate ransomware attacks.
[Also: The biggest healthcare data breaches of 2018 (so far)]
For Blue Springs, officials said their computer vendor discovered the ransomware attack on May 12. The provider hired a third party to investigate, which found the hackers installed a variety of malware onto the computer in addition to the ransomware.
Those viruses gave hackers full access to Blue Springs’ systems, including all patient data.
The investigation couldn’t rule out access of theft. And officials did not explain whether the hackers installed all of the malware varieties at once, or if the other malicious software was added at other times.
The impacted data included patient names, Social Security numbers, account numbers, driver’s licenses, disability codes, medical diagnoses, addresses and dates of birth. Combined, this type of data could be used by hackers for both identity and medical fraud.
The forensics team quarantined the entire system to prevent further access. Officials said they’ve installed new software to monitor unauthorized access, along with an intrusion prevention system, with a firewall.
Blue Springs also is switching its electronic health records system, which will encrypt all data at rest to prevent data access if the system is breached again in the future.
The breach serves as a yet another reminder for organizations to plan and prepare for cyberattacks. Organizations that underinvest in cybersecurity will spend $408 per patient record to recover from a data breach, according to a recent Ponemon report.
Twitter: @JF_Davis_
Email the writer: jessica.davis@himssmedia.com