Earlier this week, the Singing River Health System issued a data breach notification stating that it is now estimating that 895,204 people were impacted by an August 2023 ransomware attack.
Singing River Health System is located in Mississippi and operates the 3 hospitals in the state totaling over 700 beds, as well as 2 hospices, 4 pharmacies, 6 imaging centers, 10 specialty centers, and 12 medical clinics all employing over 3,500 people.
The August 2023 ransomware attack resulted in operational disruptions at its hospitals and it was estimated that 501 individuals had personal data stolen. On September 13, the organization confirmed that data had been exfiltrated, and on December 18, it announced that the incident impacted 252,890 people.
According to the latest information in the notification and on the organization’s site, the exposed data includes:
- Full name
- DOBs
- Physical address
- SSNs
- Medical information
- Health information
The attack was claimed by the Rhysida ransomware gang which so far has leaked roughly 80% of the data they claim to hold, allegedly including 420,766 files totaling 754 GB.
BullWall Executive, Carol Volk had this comment:
“The Singing River Health System’s ransomware attack is a stark reminder of the cybersecurity siege that healthcare organizations are under. This breach is not just a statistic but a severe blow to the trust and safety of nearly a million people. These victims had their most sensitive information—names, dates of birth, addresses, Social Security numbers, and medical records—exposed, placing them at significant risk of identity theft and fraud.
“Hospitals and healthcare systems are prime targets for cybercriminals. The Rhysida ransomware gang’s claim to have leaked 80% of the data they stole highlights the immense challenges in protecting health information. Singing River Health System, with its extensive network of hospitals, clinics, and specialty centers, illustrates the vast attack surface and the inherent vulnerabilities within such a complex IT infrastructure.
“The operational disruptions, coupled with the personal data theft of a staggering 252,890, reveal the deep and lasting scars these attacks inflict on healthcare services. The fallout from such breaches is catastrophic, not only in terms of financial loss but also in the erosion of patient trust and the potential delay or cancellation of critical medical treatments.
“Healthcare organizations can assume they will be breached and must go beyond traditional defensive cybersecurity measures. It is imperative to implement robust ransomware containment defenses and maintain off-site backups to ensure continuity of care without succumbing to the demands of cyber extortionists. The Singing River Health System’s ordeal is a call to action for the entire healthcare sector to fortify its defenses and protect the sanctity of patient data and healthcare delivery.”
Once again I find myself in the position of having to say that healthcare needs more funding to protect themselves from attacks like these. The fact that I am constantly talking about this means that there’s a serious problem, which requires a real solution immediately.
Like this:
Like Loading...
Related
This entry was posted on May 16, 2024 at 8:07 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Mississippi Health System Updates Number Of Victims Affected By A Cyberattack To 895k
Earlier this week, the Singing River Health System issued a data breach notification stating that it is now estimating that 895,204 people were impacted by an August 2023 ransomware attack.
Singing River Health System is located in Mississippi and operates the 3 hospitals in the state totaling over 700 beds, as well as 2 hospices, 4 pharmacies, 6 imaging centers, 10 specialty centers, and 12 medical clinics all employing over 3,500 people.
The August 2023 ransomware attack resulted in operational disruptions at its hospitals and it was estimated that 501 individuals had personal data stolen. On September 13, the organization confirmed that data had been exfiltrated, and on December 18, it announced that the incident impacted 252,890 people.
According to the latest information in the notification and on the organization’s site, the exposed data includes:
The attack was claimed by the Rhysida ransomware gang which so far has leaked roughly 80% of the data they claim to hold, allegedly including 420,766 files totaling 754 GB.
BullWall Executive, Carol Volk had this comment:
“The Singing River Health System’s ransomware attack is a stark reminder of the cybersecurity siege that healthcare organizations are under. This breach is not just a statistic but a severe blow to the trust and safety of nearly a million people. These victims had their most sensitive information—names, dates of birth, addresses, Social Security numbers, and medical records—exposed, placing them at significant risk of identity theft and fraud.
“Hospitals and healthcare systems are prime targets for cybercriminals. The Rhysida ransomware gang’s claim to have leaked 80% of the data they stole highlights the immense challenges in protecting health information. Singing River Health System, with its extensive network of hospitals, clinics, and specialty centers, illustrates the vast attack surface and the inherent vulnerabilities within such a complex IT infrastructure.
“The operational disruptions, coupled with the personal data theft of a staggering 252,890, reveal the deep and lasting scars these attacks inflict on healthcare services. The fallout from such breaches is catastrophic, not only in terms of financial loss but also in the erosion of patient trust and the potential delay or cancellation of critical medical treatments.
“Healthcare organizations can assume they will be breached and must go beyond traditional defensive cybersecurity measures. It is imperative to implement robust ransomware containment defenses and maintain off-site backups to ensure continuity of care without succumbing to the demands of cyber extortionists. The Singing River Health System’s ordeal is a call to action for the entire healthcare sector to fortify its defenses and protect the sanctity of patient data and healthcare delivery.”
Once again I find myself in the position of having to say that healthcare needs more funding to protect themselves from attacks like these. The fact that I am constantly talking about this means that there’s a serious problem, which requires a real solution immediately.
Share this:
Like this:
Related
This entry was posted on May 16, 2024 at 8:07 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.