Security Breach Update
28 February 2019

Medical DataIn this week’s security news, highly-sensitive medical conversations accessed from a Swedish health phone line, rogue politicians stir up data breach anarchy in the U.K.

Also restaurant customer credit cards exposed across 100+ establishments in 9 x U.S. states, and an Australian hospital faced with ransom demands to unlock stolen files.

Recent Breaches

Australia- Melbourne Heart Group – Cardiology practice based at the Cabrini Hospital in Malvern

Exploit: Ransomware

Risk to Small Business: Severe: Malware created possibly in Russia or North Korea was deployed by a hacking group to deploy ransomware in a cardiology practice in Malvern, Australia, and encrypt 15,000 medical files, crippling the server. The attack was discovered when the practice reported that it could not access patient files for three weeks.

Even after the ransom was reportedly paid in cryptocurrency as demanded, some files remained encrypted. Affected patients were informed that their files were lost but not told of the breach. The event is now under investigation by security agencies.

Risk to Exploited Individuals: Severe: Patients showed up for appointments the practice did not have on record. Some medical files are still encrypted

Customers Impacted: Up to 15,000

United States – AdventHealth Medical Group – Taveras, Florida-based health care practice

Exploit: Malware

Risk to Small Business: Severe: AdventHealth Group recently announced a 16-month data breach stretching back to August 2017 that exposed some 42,000 patients’ sensitive personal data. The medical provider group has not detected how the malware was installed, nor has it stated why the breach was not discovered for nearly a year and a half.

Risk to Exploited Individuals: Severe: The malware allowed access to patient names, addresses, email addresses, telephone numbers, dates of birth, health insurance information, Social Security numbers, and medical histories, as well as race, gender, weight, and height. This data could allow identity theft and potentially blackmail where particularly sensitive medical conditions, such as HIV/AIDS or addiction, are concerned.

Customers Impacted:  42,000 users

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
28/02/2019

Follow us on LinkedIn:

Related Articles:
2019 the Year of Phishing.
Phishing Emails – A Constant Threat

Written by