16,000 Patients of Mind & Motion were impacted by a Ransomware Attack
Around 16,000 patients' of a medical facility located in Georgia, US, were impacted by a security breach, as their records got exposed when ransomware was discovered on the servers of the medical facility.
Mind and Motion Developmental Centers in Georgia revealed that the medical records were compromised due to the ransomware, which has been found on September 30, 2018. Patients' personal information including names, birth dates, addresses, medical records, insurance details, and Social Security numbers were possibly taken in this hack.
The notification reads that immediately after medical facility server was attacked, one compliance consulting firm was hired by the medical facility - to ensure that they were in compliance with all the HIPAA rules as well as regulations and to assist at the time of reporting about the breach to US Department of Health & Human Services,.
"According to the security breach reported provided by TeamLogic IT, it was also discovered that an inactive keylogger and spam emailer had been installed. No other serious virus or malware programs were readily visible".
In an exchange of email, a medical center spokesman said to 'The Daily Swig' that their cybersecurity practices improved after the attack.
Prior to this leak, the computers were not getting updated on a regular basis and all the staff members were not trained on how to find security issues like phishing attacks. The medical center spokesman further said that although the computers did have numerous types of anti-malware/anti-virus earlier also, but all the computers don't have the latest updates and daily scans were not done. The username and password standards have been enforced before this leak, but level of security that have been implemented now is much better (i.e. complex passwords that requires a particular amount of characters and digits, also password required to be changed after every 90 days, etc.)
He added that "we have also already spoken with the Department of Health and Human Services about providing mid-year, supplemental trainings for new hires and individuals with questions".
However, the treatment facility did not release any kind of information on whether the ransom has been paid, but it did tell that none of the patients reported any "inconvenience" as a result of the data theft.
» SPAMfighter News - 1/2/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!