A Glance at the Major Ransomware Attacks that hit Healthcare Sector in 2019

The following article was submitted by Sean Dahlman from Greater Mankato Growth member business, Pantheon Computers. It is about cyber security and how it relates specifically to the healthcare sector.
Are you part of a Greater Mankato member business and have an interest in writing a guest blog for us? Send 500-800 words to [email protected] or reach out to Greater Mankato Growth with further questions.

  • The healthcare sector holds a vast amount of highly sensitive patient data, which is why it has been continuously targeted by attackers.
  • Despite several healthcare centers and hospitals becoming victims of ransomware attacks, a few victims have paid the ransom amount in order to recover their encrypted files.

What’s the matter?

The healthcare sector has been continuously facing the brunt of targeted ransomware attacks in recent years. It is to be noted that several massive ransomware attacks knocked off the healthcare sector this year.

What makes the healthcare sector an appealing target?

The healthcare sector holds a vast amount of highly sensitive patient data, which is why it has been continuously targeted by attackers.

Most hospitals rely on files and systems for their day-to-day operations and store sensitive patient data on systems, therefore, they might end up paying the ransom amount if their data gets locked up. This may be one of the major reasons for the healthcare sector being an easy target of ransomware.

Some of the notable ransomware incidents:

Ransomware attack at Premier Family Medical

Premier Family Medical in Utah suffered a ransomware attack that disabled access to data from certain systems within its organization. This attack impacted nearly 320,000 patients who have been treated at any of Premier’s ten Utah County locations including American Fork Clinic, Copper Peaks Clinic, Eagle Mountain Clinic, Lehi Main Street Clinic, Lindon Clinic, Mountain Point Clinic, Orem Clinic, Pleasant Grove Clinic, Premier Dermatology Clinic, and Saratoga Springs Clinic are impacted.

Two Hospitals in Puerto Rico hit with ransomware attacks

Bayamón Medical Center and its affiliated Puerto Rico Women And Children’s Hospital fell victim to a ransomware attack. The ransomware infection encrypted all computer files that contained patients’ personal information. This incident impacted nearly 422,496 Bayamón Medical Center patients and 99,943 Puerto Rico Women And Children’s Hospital patients.

Doctors’ Management Service hit with GandCrab ransomware attack

Attackers infected Doctors’ Management Service’s computer systems with Gandcrab ransomware. The attack impacted almost 38 healthcare centers including Beverly Surgical Associates, Today’s Wellness PLLC, Neuro Institute of New England, Thompson Medical Associates, New England Community Medical Services, and more. The compromised data includes patients’ personal information such as names, addresses, dates of birth, Social Security numbers, driver’s license numbers, insurance, Medicare/Medicaid information and numbers, and medical information.

Dental offices hit with Sodinokibi ransomware

Sodinokibi ransomware infected DDS Safe, an online backup product from Digital Dental Record (DDS), through its cloud management provider, PercSoft. This impacted hundreds of dental practices in the US. Over 400 dental practices had their data and patient records encrypted.

Some of the healthcare centers that paid a ransom

Despite several healthcare centers and hospitals becoming victims of ransomware attacks, a few victims decided to pay the ransom amount in order to recover the encrypted files.

Park DuValle Community Health Center, which suffered a ransomware attack on June 07, 2019, finally paid a ransom of $70,000 in July 2019, after struggling to recover its records for over 7 weeks.

Similarly, Estes Park Health (EPH) which suffered a ransomware attack on June 2, 2019, paid a ransom amount of $10,000 in order to unlock the encrypted files.

soSomali