According to a notice posted this week on the hospital’s website, Tampa General Hospital stated that it discovered a cyberattack on May 31st. They say the attackers were in their network for three weeks and that the breach affects approximately 1.2 million patients.
Stolen patient information varied but may have included names, addresses, phone numbers, dates of birth, SSNs, health insurance information, medical record numbers, patient account numbers, dates of service and limited information about treatment.
The hospital’s statement did not name the attackers, but DataBreaches reported that the Snatch Ransomware gang had added the hospital to its leak site and claimed to have acquired 4 TB of the hospital’s files. Meanwhile, the hospital’s notice said that its security team had been able to prevent the encryption of any of its files, but it did not mention a ransom demand.
Al Martinek, Customer Threat Analyst at Horizon3.ai, had this to say:
“Cyber threat actors do not typically use sophisticated hacking tools and techniques like zero-day exploits to gain access to a network; most often, they simply log in with legitimate user credentials gleaned from previous data breaches. According to CrowdStrike, 62% of all detections indexed by the fourth quarter of 2021 were malware-free – meaning attackers were “living off the land,” using legitimate credentials and built-in tools to evade detection instead of sophisticated malware.
“Nefarious actors exploit credentials in many ways. They can:
- Take advantage of weak password strength requirements or weak account lockout thresholds
- Capture and then crack hashes
- Take advantage of accounts that reuse compromised credentials
- Use the default credentials that remain unchanged in a variety of web applications and systems processes
“Some threat actors even go so far as to buy cleartext credentials available on the dark web. Once they gain initial access, they then appear as legitimate users and can move laterally within a network to gain further access and establish persistence, steal sensitive data, bring down systems, and/or hold the organization hostage through ransomware.”
Ani Chaudhuri, CEO, Dasera, follows up with this:
First and foremost, it is crucial to acknowledge the immense challenge hospitals like Tampa General and the healthcare industry face in safeguarding sensitive medical information amidst the relentless barrage of external and internal threats. The recent breach is a stark reminder of the complexities in ensuring robust patient data security across the board. However, it is essential to recognize that this challenge extends far beyond the healthcare sector, as data breaches have become a pervasive issue faced by companies worldwide. From multinational corporations to small businesses, organizations of all sizes and industries grapple with the daunting task of securing sensitive data in the face of increasingly sophisticated cyber threats.
Securing healthcare data requires a comprehensive and multifaceted approach considering the ever-evolving technological vulnerabilities and the persistent threats cybercriminals pose. Hospitals like Tampa General are responsible for protecting patient confidentiality and must invest in robust security measures to prevent unauthorized access.
While we await further details regarding the breach, it is evident that the unauthorized party gained access to a substantial amount of personal information, including Social Security numbers, addresses, and medical records. This breach exposes patients to the risk of identity theft and financial fraud and undermines patients’ trust and confidence in the hospital’s commitment to data security.
In light of this breach, all affected individuals should protect themselves immediately. Monitoring financial accounts closely, reviewing credit reports regularly, and remaining vigilant for any suspicious activity is crucial.
Tampa General Hospital and healthcare organizations worldwide must use incidents like this as catalysts for change. Learning from such breaches and proactively enhancing data security practices is vital. Cybersecurity requires continual investment in advanced technologies, comprehensive training programs, and stringent security protocols.
Let us view this unfortunate event as an opportunity for growth and improvement, reinforcing the critical importance of safeguarding patient data. We should work together to build a more resilient healthcare ecosystem that prioritizes the privacy and security of every individual’s sensitive information.
Healthcare is an easy target for threat actors because healthcare organizations are often resource-constrained when it comes to defending against cyber threats. That has to change, as this event and ones like it are far from trivial given the damage that they cause to those affected.
This entry was posted on July 21, 2023 at 9:19 am and is filed under Commentary with tags Hacked.
Tampa General Hospital Pwned… 1.2 Million Patients Affected