BreachExchange mailing list archives
Ohio Provider Pays $75K Ransom After Serious Hack on IT System
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 14 Jun 2019 23:59:06 -0500
https://healthitsecurity.com/news/ohio-provider-pays-75k-ransom-after-serious-hack-on-it-system NEO Urology in Boardman, Ohio was infected by a ransomware attack, which hacked its entire IT system and left all of its data encrypted, according to local news outlet 21WFMJ. According to the report, a practice administrator arrived on Monday to find a fax sent from the hackers telling NEO Urology officials that in order to unlock their data, they would need to pay a $75,000 ransom. The provider contacted its IT firm, who were able to “backdoor” the hackers. Officials said the IT firm used a third-party to pay the hackers the ransom in bitcoin. An initial investigation determined the cyberattack likely originated in Russia, while the fax listed the contact information for the hackers as “Pay4Day.io.” The hack was so severe that it took three days for the practice to regain access to their computer systems. Further, NEO Urology told police that they reported between $30,000 and $50,000 per day of revenue loss. The FBI and the majority of security researchers warn against paying the ransom, as it only fuels the perpetuation of these ransomware attacks. However, some healthcare providers, such as Hancock Health which fell victim to a similar attack, have found themselves without data access and unable to quickly restore their systems – and end up paying the ransom to quickly restore routine patient care. In fact, after hackers deleted their files, Michigan’s Brookside ENT and Hearing Center opted to close up shop in April due to the severity of the ransomware attack. While the majority of industries across the country have seen a massive decline in ransomware over the last year, the healthcare sector continues to be a prime target due its need for constant access to its systems and patient data to ensure patient care is not interrupted. Ransomware attacks on business targets increased by a whopping 195 percent during the first quarter of 2019, with 71 percent of these attacks targeting small businesses like NEO Urology and Dr. Thomas DeLuca, Dr. Anthony Marciano & Associates, which fell victim to an attack in February. Despite insiders and privilege misuse dominating the majority of healthcare breaches in 2018, ransomware made up 70 percent of all malware attacks on the sector. Hackers continue to improve the sophistication of these attacks, with the notorious Dharma ransomware variant recently receiving an update that disguises the malware as antivirus software. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Ohio Provider Pays $75K Ransom After Serious Hack on IT System Destry Winant (Jun 18)