Those viruses gave hackers full access to Blue Springs systems, including all patient data.
The investigation could not rule out access to the theft. And the officials did not explain if the
hackers installed all the varieties of malware at the same time, or if the other malicious software
was added at other times.
This ransomware attack had affected the data including patient names, social security
numbers, account numbers, driver's licenses, disability codes, medical diagnoses, addresses and
dates of birth. Combined, this type of data could be used by hackers for identity and medical
fraud. The forensic team quarantined the entire system to prevent further access. A provider said
12
he had installed new software to monitor unauthorized access, along with an intrusion prevention
system, with a firewall.
What was done to fix it?
Blue Springs is also changing its electronic health records system, which will encrypt all
data at rest to prevent access to data if the system is breached again in the future.
The violation serves as another reminder for organizations to plan and prepare for cyber-attacks.
Organizations that invest less in cybersecurity will spend $ 408 per patient registry to recover
from a data breach, according to a recent company report. Then, $ 408 per patient record, three
times more than any other industry, according to the new cost of a data breach report.
What was impact after data-breach ?
Breaches have cost healthcare sector more than others for the last eight years, according
to the report. In fact, the financial sector landed at number two, but its breaches cost $206 per
consumer -- half of what it costs the healthcare industry.
Not only that, but the amount is up from $308 per patient record from last year.
In the report, sponsored by IBM, ponemon compared the cost of data breaches around the
globe and across all sectors and found data breaches cost organizations $3.86 million, up 6
percent from last year. Researchers spoke with more than 2,000 individuals and 477
organizations to calculate these costs.
Just last year, the cost of a breach fell year over year to $3.62 million, but those costs
have once again increased -- up from $141 per record across all sectors last year.
What is amount lost in data-breaches in healthcare ?
13
It’s also notable that data breaches are costlier in the U.S. than any other country, with an
average of $7.91 million. For comparison, it cost Buffalo-based Erie County Medical Center
nearly $10 million to rebuild its systems after falling victim to a ransomware attack in April
2017.
The type of breach also affects costs, with cyber-attacks and malicious insiders costing
about $157 per record across all sectors. System glitches cost about $131 per record to resolve,
while human errors cost $128 on average.
Article 6: “Phishing attack on Manitowoc County breaches PHI for 3 months by hijacked
an employee email account” - Harish Kumar Rachakonda
The phishing attack in Manitow County, Wisconsin has effectively breached personal
health care information for nearly three months.
