Northwestern Memorial HealthCare has learned about the potential compromise of the personal data of people who previously donated to Northwestern Memorial HealthCare because of a Blackbaud ransomware attack recently. An unauthorized person first accessed the Blackbaud systems on February 7, 2020 and possibly continued accessing it until the ransomware was deployed on May 20,2020.
Prior to the use of ransomware, the attacker possibly obtained access to a backup of a database which stored names, dates of birth, age, gender, medical record number, departments of service, dates of service, treating doctors, and/or limited clinical data. The Social Security numbers and/or financial/payment card details of 5 persons were additionally found in the database. In total, the details of 55,983 Northwestern Memorial HealthCare donors was probably compromised in the attack.
Northwestern Memorial HealthCare is reviewing its third-party database storage vendors and its connection with Blackbaud so as to avoid identical data breaches later on.
Names and Medical Insurance Data of 15,000 Lafayette Fire Department Ambulance Users Exposed
On July 27, 2020, a ransomware attack on the City of Lafayette, CO disrupted its telephone, email, online billing, and reservation systems and essential data became inaccessible. After evaluating the cost and benefits of all possible solutions, the city decided to pay $45,000 to the attackers to avoid the big disruption and issues affecting its online operations.
Before deploying the ransomware, the attackers could have accessed personal data saved on Lafayette’s computer system. The attackers potentially accessed some personal data, such as city employees’ Social Security numbers and the usernames and security passwords of those who used its online services. In addition, the attackers may have gotten the names and medical insurance identification numbers of 15,000 people that the Lafayette Fire Department ambulance transported before January 1, 2018.
The city has taken out the ransomware and restored its network servers and computers, deployed crypto-safe backup systems, and implemented extra cybersecurity measures to stop more ransomware attacks.