Last year, Verizon reported that almost a quarter of healthcare data breaches were initiated with the purpose of accessing credentials. Cyber criminals are after your login credentials. They recognize the value of patient information and the privileged access that comes with caring for that information. This adds further risk to the potential of suffering a cyber breach, such as a ransomware attack, and highlights the need to implement a perpetual privacy compliance system in any healthcare clinic or facility.
Attackers will take everything they can from your network.
When Virtual Care Provider Inc. (VCPI) was hit with a ransomware attack in November 2019, they quickly focused on recovery and risk mitigation. The attack resulted in them having todecline services to their clients that served 2,400 nursing homes. While the company tried to recover from the attack many of its elderly health care facilities, patient records, and phone services were cut off.
During the data security breach, the attackers released malware into VCPI’s system which obtained multiple passwords from the infected systems. They were able tosteal over 300 passwords from websites that the employees at the company used to log in, including:
- Medical supply services
- Direct deposit and Medicaid billing portals
- Prescriptions management services
- Numerous online payment processing services
- Online content distribution networks
- Password management and sharing sites
“We’re working on it” doesn’t keep criminals out of your patient data
VCPI was working on bettering their security but hadn’t had time to complete everything before the attackers hit. The organization said “We did a risk assessment that was pretty spot on, we just needed more time to work on it before the hit.We were doing the right things just not fast enough…once you’re targeted it is pretty tough to defend.”
The consequences add up to scary
The information that these cyber criminals were able to obtain can have very serious consequences on VCPI. These criminals can commit identity theft, sell prescription drugs, impersonate doctors, and more.
Bottom line: if your clinic is hit with a ransomware attack, the clinic“should assume that all credentials stored anywhere on the local network (including those saved inside web browsers and password managers) are compromised and need to be changed.”