In the aftermath of the ransomware attack on Colonial Pipeline, a number of ransomware gangs like REvil and Avaddon said that they have enforced new regulations that necessitate their affiliates to get permission prior to attacking a target, and that attacks on healthcare companies had been prohibited. Nonetheless, a lot of ransomware-as-a-service operations have not enforced prohibitions and healthcare providers are still getting targeted. Lately, a number of healthcare organizations have been confirmed as having attacks.
San Diego Family Care
San Diego Family Care (SDFC) in California has reported that it experienced the impact of a ransomware attack in December 2020. SDFC as well as its business associate Health Center Partners of Southern California (HCP) were impacted by a ransomware attack on their information technology hosting vendor. It was reported that Netgain Technologies. Netgain Technologies paid a $2.3 million ransom to acquire the keys to unlock the encrypted files and informed SDFC and HCP on January 20, 2021 regarding the compromise of the protected health information (PHI) of their patients.
SDFC and HCP were given a copy of the affected data and performed an evaluation to know which people were impacted and the types of information affected. The analysis was done on April 11, 2021 and so far, 125,500 patients are known to have been impacted.
SDFC explained in its substitute breach notice that the following types of data were breached: Names, Social Security numbers, government identification numbers, financial account numbers, dates of birth, medical diagnosis or treatment data, health insurance details, and/or client IDs. Affected persons received breach notification letters by mail on May 7, 2021.
SAC Health Systems
SAC Health Systems based in San Bernardino, CA also became a victim of the ransomware attack on its now past IT service provider, Netgain Technologies. SAC Health Systems was informed by Netgain Technologies on January 15, 2021 concerning the access of the ransomware gang to its servers containing patient information between November 15, 2020 and November 22, 2020.
SAC Health Systems stated on April 20, 2021 that the ransomare attack affected 28,128 individuals. The types of records exposed included names, birth dates, addresses, Social Security numbers, driver’s license numbers, state identification numbers, tax IDs, financial account data, medical histories, electronic signatures, medical insurance details, medical record numbers, doctor names, prescription details, and reason for absence. All impacted people are now being alerted.
Harper County Community Hospital
Harper County Community Hospital based in Oklahoma has reported that it experienced a ransomware attack on March 24, 2021 that resulted in the potential compromise of the PHI of 5,725 patients.
The hospital stated the attack did not affect patient medical records, however workstations and common drives were affected, and they comprised files having first and last names, birth dates, residence addresses, Social Security numbers, patient account numbers, diagnoses, and medical insurance data.
Harper County Community Hospital had taken prompt corrective actions and has enforced extensive IT security practices, backup procedures, and made updates to its HIPAA policies and guidelines. All impacted persons are currently being informed concerning the attack.