US Hospital Hacked, Patient Names and Colonoscopy Results Posted Online
The patients of two hospitals in the United States had their complete names, birthdays and colonoscopy results all posted on the dark web after a hack.
Hacker targeted two US hospitals
According to NBC News, the tens of thousands of files that were released were from patients at Leon Medical Centers in Miami and Nocona General Hospital in Texas.
The patient records that were posted in this hack also include the letters to health insurers. There are now ransomware that were locking up the systems at Nocona, and the organization did not open a ransomware demand, according to the attorney for the organization.
These past few years, cyberattacks on hospitals and health care organizations are becoming very common. These types of attacks are doubled in the second half of 2020 compared to the first half of the year.
Two major attacks targeted US health care facilities in the fall. But cybercriminals usually do not post patient information publicly. It is more common for them to introduce a bug that automatically locks up computer systems until the facility pays a specific amount, and they will release the data if the ransom is not paid.
It is very dangerous for patients when ransomware attacks prevent doctors and other health care workers from accessing patient files. They may not be able to see the health records of the patients, which would include information about things like medication allergies.
The lock will also prevent them from using CT scan machinery and MRI machinery. But it is also dangerous when the hospitals have data breaches, for 30 days after more and more people die than usual, due to people having to devote time to fix the systems instead of focusing on the medicine.
Most health care organizations are not prepared for cyberattacks and there are fewer resources to devote to the issue after a year battling COVID-19.
Health care organization's problem with cyberattacks
Many of the large-scale cyberattacks on hospitals in the past have been incidental. A piece of ransomware is sent out and it happens to get into a hospital, according to NBC News.
That is exactly what happened to the National Health Service or the NHS in the UK in 2017 when the WannCry cyberattack hit the organizations around the world. However, two attacks were intentionally made on hospitals.
They are an appealing target especially during the height of the COVID-19 pandemic because they are essential and the institutions can't be offline.
According to Alan Woodward, a computer security expert and professor at the University of Surrey in the United Kingdom, hospitals and health care facilities are also targeted because some have paid ransoms in the past just to get their systems unlocked.
Woodward added that there were a few high profile cases where people have paid the hackers. Law enforcement agencies have warned not to pay hackers as it will put a target on their backs.
Post Original: TechTimes