Ransomware Hits Health Care Once Again, 45,000 Patient Records Compromised in Blue Springs Breach
More and more, ransomware attacks are targeting one specific industry – health care. As detailed in our McAfee Labs Threats Report: March 2018, health care experienced a dramatic 210% overall increase in cyber incidents in 2017. Unfortunately, 2018 is showing no signs of slowing. In fact, just this week it was revealed that patient records from the Missouri-based Blue Springs Family Care have been compromised after cybercriminals attacked the provider with a variety of malware, including ransomware.
Though it’s not entirely sure yet how these attackers gained access, their methods were effective. With this attack, the cybercriminals were able to breach the organization’s entire system, making patient data vulnerable. The attack resulted in 44,979 records being compromised, which includes Social Security numbers, account numbers, driver’s licenses, disability codes, medical diagnoses, addresses, and dates of birth.
The company’s official statement notes, “at this time, we have not received any indication that the information has been used by an unauthorized individual.” However, if this type of data does become leveraged, it could be used by hackers for both identity and medical fraud.
So, with a plethora of personal information out in the open – what should these patients do next to ensure their personal data is secure and their health information is private? Start by following these tips:
- Talk with your health provider. With many cyberattacks taking advantage of the old computer systems still used by many health care providers, it’s important to ask yours what they do to protect your information. What’s more, ask if they use systems that have a comprehensive view of who accesses patient data. If they can’t provide you with answers, consider moving on to another practice that has cybersecurity more top of mind.
- Set up an alert. Though this data breach does not compromise financial data, this personal data can still be used to obtain access to financial accounts. Therefore, it’s best to proactively place a fraud alert on your credit so that any new or recent requests undergo scrutiny. This also entitles you to extra copies of your credit report so you can check for anything suspicious. If you find an account you did not open, report it to the police or Federal Trade Commission, as well as the creditor involved so you can close the fraudulent account.
- Keep your eyes on your health bills and records. Just like you pay close attention to your credit card records, you need to also keep a close eye on health insurance bills and prescription records, which are two ways that your health records can be abused. Be vigilant about procedure descriptions that don’t seem right or bills from facilities you don’t remember visiting.
- Invest in an identity theft monitoring and recovery solution. With the increase in data breaches, people everywhere are facing the possibility of identity theft. That’s precisely why they should leverage a solution tool such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protecting their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.
The post Ransomware Hits Health Care Once Again, 45,000 Patient Records Compromised in Blue Springs Breach appeared first on McAfee Blogs.
More antivirus and malware news?
- Addressing the 3 Million Person Cybersecurity Workforce Gap
- How AT&T Insiders Were Bribed to ‘Unlock’ Millions of Phones
- Nine Remotely Exploitable Vulnerabilities Found in Dell EMC Storage Platform
- Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability
- Facebook Paid Out $1.1 Million in Bug Bounties in 2018
- Microsoft XML Core Services CVE-2015-2440 Information Disclosure Vulnerability
- Microsoft Windows TCP/IP CVE-2014-4076 Local Privilege Escalation Vulnerability
- Huawei investigates Huawei investigators and finds no evil
- Dell Secureworks uncovers trojan that hides in image files
- Russia’s Ex-Cybersecurity Chief Gets 22-Year Sentence in Jail