Data Breach Affecting Four California Medical Groups Disclosed
This is rather unsettling.
Four California medical groups filed a joint disclosure with the US Department of Health and Human Services of a data breach affecting the PII of over 3.3 million patients. The groups included Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group and the Greater Covina Medical Group. In a notice of breach on their website, Regal Medical Group describes this as a ransomware attack, yet no details of the attack vector or the perpetrators are mentioned.
The attack occurred on December 1st of 2022 and investigators have determined that the personal information compromised in the attack included names, Social Security numbers, dates of birth, addresses, medical diagnosis and treatment, lab results, prescriptions, radiology reports, health plan numbers and phone numbers. That’s the sort of information that in the wrong hands can cause real damage to somebody’s life.
I have two comments on this data breach. The first is from Ted Miracco, CEO of Approov:
“The healthcare industry remains one of the most vulnerable and most targeted sectors of the economy when it comes to cyber attacks. While the specifics of the attack have not been disclosed, it would not be surprising if the attack involved either the use of mobile devices and/or the exploitation of APIs. This is a common vector, as the security of mobile applications and the APIs they rely on remains the weakest link in protecting this most sensitive and most personal data. A more comprehensive approach to cybersecurity in the healthcare space is required, and that approach must take into account more than protection, and also address the detection and effective countermeasure to be effective.”
The second is from Jan Lovmand, CTO of BullWall:
“The addition of healthcare records may make this recent attack on these California medical groups one of the most significant data events in years. Social Security numbers go for around a dollar. Trust me, the bad guys already have your social. Log-in credentials go for around $25 and maybe up to $75 if this also gives the cyber criminal access to your banking log-ins. If they have the credentials of an email admin you could see those go for as high as $1,500 (email admins should never put their job title on their LinkedIn for just this reason). However, healthcare records, PINs and log-ins can go for more than any of these.
“First, threat actors can see a person’s prescription history and will attempt to fill those prescriptions and sell the drugs on Silk Road-like websites, easily available on the Tor network. Second, if the records are detailed enough, they will attempt to extort those with embarrassing medical information. Imagine you are a married executive and a criminal approaches you letting you know they have all the information about your psychiatric history and medications, abortions or even venereal diseases. The amount they can extort in these instances can be tremendous and these often go unreported.
“When healthcare records are stolen the thieves will often gain tens of thousands of dollars of drugs and services from those records and the average victim will spend nearly 200 hours repairing the situation. It’s hard to know precisely what was stolen in this event but if the healthcare records are detailed this may be one of the more costly breaches in the last 5 years.”
The scary thing about this data breach is that the effects could be felt for years as there’s no telling what the threat actors might do with the data that they obtained. That’s going to keep a lot of people awake at night.
This entry was posted on February 14, 2023 at 8:19 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.